summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2013-04-02 18:33:35 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-04-02 18:34:34 +0200
commit6463ed1dcdd45416468b3fa178bd856b5a9ed2c3 (patch)
treeea5e78da52f4e539cb84f4a312bf79f63083bd31
parent203c71b7de626eea39e1b4134a4f2ecf6a8a6f87 (diff)
downloadsssd-1_9_91.tar.gz
sssd-1_9_91.tar.xz
sssd-1_9_91.zip
Updating the translations for the 1.10 alpha releasesssd-1_9_91sssd-1_10_alpha1
-rw-r--r--po/LINGUAS1
-rw-r--r--po/bg.po832
-rw-r--r--po/ca.po2
-rw-r--r--po/de.po597
-rw-r--r--po/es.po678
-rw-r--r--po/eu.po597
-rw-r--r--po/fr.po611
-rw-r--r--po/hu.po597
-rw-r--r--po/id.po597
-rw-r--r--po/it.po597
-rw-r--r--po/ja.po606
-rw-r--r--po/nb.po597
-rw-r--r--po/nl.po608
-rw-r--r--po/pl.po607
-rw-r--r--po/pt.po597
-rw-r--r--po/ru.po598
-rw-r--r--po/sssd.pot597
-rw-r--r--po/sv.po603
-rw-r--r--po/tg.po597
-rw-r--r--po/tr.po599
-rw-r--r--po/uk.po609
-rw-r--r--po/zh_CN.po1696
-rw-r--r--po/zh_TW.po597
-rw-r--r--src/man/po/br.po1416
-rw-r--r--src/man/po/ca.po1466
-rw-r--r--src/man/po/cs.po1412
-rw-r--r--src/man/po/es.po3893
-rw-r--r--src/man/po/eu.po1412
-rw-r--r--src/man/po/fr.po3938
-rw-r--r--src/man/po/ja.po1535
-rw-r--r--src/man/po/lv.po8406
-rw-r--r--src/man/po/nl.po1416
-rw-r--r--src/man/po/po4a.cfg2
-rw-r--r--src/man/po/pt.po1435
-rw-r--r--src/man/po/ru.po1414
-rw-r--r--src/man/po/sssd-docs.pot1384
-rw-r--r--src/man/po/tg.po1414
-rw-r--r--src/man/po/uk.po1550
-rw-r--r--src/man/po/zh_CN.po8398
39 files changed, 39742 insertions, 14769 deletions
diff --git a/po/LINGUAS b/po/LINGUAS
index 2cb468a8e..13eac7eb5 100644
--- a/po/LINGUAS
+++ b/po/LINGUAS
@@ -16,5 +16,6 @@ sv
tg
tr
uk
+zh_CN
zh_TW
diff --git a/po/bg.po b/po/bg.po
index a9267a2eb..e61679512 100644
--- a/po/bg.po
+++ b/po/bg.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
-"PO-Revision-Date: 2012-10-08 07:11+0000\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
+"PO-Revision-Date: 2012-10-17 20:32+0000\n"
"Last-Translator: Valentin Laskov <laskov@festa.bg>\n"
"Language-Team: Bulgarian <trans-bg@lists.fedoraproject.org>\n"
"Language: bg\n"
@@ -69,15 +69,15 @@ msgstr "SSSD домейни за стартиране"
#: src/config/SSSDConfig/__init__.py.in:53
msgid "Timeout for messages sent over the SBUS"
-msgstr ""
+msgstr "Изчакване за съобщения, изпратени през SBUS"
#: src/config/SSSDConfig/__init__.py.in:54
msgid "Regex to parse username and domain"
-msgstr ""
+msgstr "Regex за намиране на потребителско име и домейн"
#: src/config/SSSDConfig/__init__.py.in:55
msgid "Printf-compatible format for displaying fully-qualified names"
-msgstr ""
+msgstr "Printf-съвместим формат за изобразяване на пълно-квалифицирани имена"
#: src/config/SSSDConfig/__init__.py.in:56
msgid ""
@@ -112,11 +112,11 @@ msgstr "Групи, които SSSD изрично трябва да игнор
#: src/config/SSSDConfig/__init__.py.in:65
msgid "Should filtered users appear in groups"
-msgstr ""
+msgstr "Да се показват ли филтрираните потребители в групи"
#: src/config/SSSDConfig/__init__.py.in:66
msgid "The value of the password field the NSS provider should return"
-msgstr ""
+msgstr "Стойността на полето парола, което NSS доставчикът трябва да върне"
#: src/config/SSSDConfig/__init__.py.in:67
msgid "Override homedir value from the identity provider with this value"
@@ -156,7 +156,7 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:77
msgid "How long to allow cached logins between online logins (days)"
-msgstr ""
+msgstr "Колко дни да се позволява кеширано влизане между влизания онлайн"
#: src/config/SSSDConfig/__init__.py.in:78
msgid "How many failed logins attempts are allowed when offline"
@@ -202,19 +202,19 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:98
msgid "Identity provider"
-msgstr ""
+msgstr "Доставчик на самоличност"
#: src/config/SSSDConfig/__init__.py.in:99
msgid "Authentication provider"
-msgstr ""
+msgstr "Доставчик на удостоверяване"
#: src/config/SSSDConfig/__init__.py.in:100
msgid "Access control provider"
-msgstr ""
+msgstr "Доставчик на контрол на достъп"
#: src/config/SSSDConfig/__init__.py.in:101
msgid "Password change provider"
-msgstr ""
+msgstr "Доставчик на смяна на парола"
#: src/config/SSSDConfig/__init__.py.in:102
msgid "SUDO provider"
@@ -234,11 +234,11 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:108
msgid "Minimum user ID"
-msgstr ""
+msgstr "Минимално ID на потребител"
#: src/config/SSSDConfig/__init__.py.in:109
msgid "Maximum user ID"
-msgstr ""
+msgstr "Максимално ID на потребител"
#: src/config/SSSDConfig/__init__.py.in:110
msgid "Enable enumerating all users/groups"
@@ -246,856 +246,869 @@ msgstr ""
#: src/config/SSSDConfig/__init__.py.in:111
msgid "Cache credentials for offline login"
-msgstr ""
+msgstr "Кеширай идентификационни данни за офлайн влизане"
#: src/config/SSSDConfig/__init__.py.in:112
msgid "Store password hashes"
-msgstr ""
+msgstr "Съхранявай хешове на пароли"
#: src/config/SSSDConfig/__init__.py.in:113
msgid "Display users/groups in fully-qualified form"
-msgstr ""
+msgstr "Показвай потребители/групи в пълно -валифицирана форма"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
-msgstr ""
+msgstr "Ограничава или предпочита определена фамилия адреси при DNS търсения"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
+"Колко дни да се пазят кешираните записи след последното успешно влизане"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
+"Колко време да чакам за отговори от DNS при търсене на сървъри (секунди)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
-msgstr ""
+msgstr "Частта Домейн от DNS заявката за откриване на услуга"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
-msgstr ""
+msgstr "IPA домейн"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
-msgstr ""
+msgstr "Адрес на IPA сървър"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
-msgstr ""
+msgstr "Име на хост на IPA клиент"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
-msgstr ""
+msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
-msgstr ""
+msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Адрес на Kerberos сървър"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
-msgstr ""
+msgstr "Kerberos област"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
-msgstr ""
+msgstr "Директория за съхранение на кеша за данни за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
-msgstr ""
+msgstr "Местоположение на кеша за данни за удостоверяване на потребители"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
-msgstr ""
+msgstr "Местоположение на keytab за валидиране на данните за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
-msgstr ""
+msgstr "Разреши проверката на данните за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
-msgstr ""
+msgstr "Записва паролата ако е офлайн за по-късно удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
-msgstr ""
+msgstr "Сървърът, на който работи услугата за смяна на парола ако не е на KDC"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
-msgstr ""
+msgstr "ldap_uri, URI на LDAP сървъра"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
-msgstr ""
+msgstr "Базовият DN по подразбиране"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
-msgstr ""
+msgstr "Използваният тип схема на LDAP сървъра, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
-msgstr ""
+msgstr "Подразбиращият се bind DN"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
-msgstr ""
+msgstr "Продължителност на опитите за свързване"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
-msgstr ""
+msgstr "Продължителност на опитите за синхронни LDAP операции"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
-msgstr ""
+msgstr "Продължителност на времето между опитите за връзка докато е офлайн"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
-msgstr ""
+msgstr "Файл, съдържащ CA сертификати"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
-msgstr ""
+msgstr "Път до директорията на CA сертификат"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
-msgstr ""
+msgstr "Изисква TLS проверка на сертификат"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
-msgstr ""
+msgstr "Задава за използване механизма sasl"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
-msgstr ""
+msgstr "Задаване на sasl authorization id за употреба"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
-msgstr ""
+msgstr "keytab на Kerberos услуга"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
-msgstr ""
+msgstr "Ползвай Kerberos auth за LDAP връзка"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
-msgstr ""
+msgstr "Следвай LDAP референциите"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
-msgstr ""
+msgstr "Продължителност на живот на TGT за LDAP връзка"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
-msgstr ""
+msgstr "Продължителност на време за изчакване на заявка за търсене"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
-msgstr ""
+msgstr "Продължителност на време между актуализации на изброяване"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
-msgstr ""
+msgstr "Изисква TLS за ИД справките"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
-msgstr ""
+msgstr "атрибут Потребителско име"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
-msgstr ""
+msgstr "атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
-msgstr ""
+msgstr "атрибут Първичен GID"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
-msgstr ""
+msgstr "атрибут GECOS"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
-msgstr ""
+msgstr "атрибут Домашна директория"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
-msgstr ""
+msgstr "атрибут Команден интерпретатор"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
-msgstr ""
+msgstr "атрибут UUID"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
-msgstr ""
+msgstr "атрибут User principal (за Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
-msgstr ""
+msgstr "Пълно име"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
-msgstr ""
+msgstr "атрибут членНа"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
-msgstr ""
+msgstr "атрибут Момент на промяна"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
-msgstr ""
+msgstr "Политика за определяне срок на валидност на парола"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
-msgstr ""
+msgstr "LDAP филтър за определяне права на достъп"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
-msgstr ""
+msgstr "Списък разрешени потребители, разделени със запетая"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
-msgstr ""
+msgstr "Списък забранени потребители, разделени със запетая"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
-msgstr ""
+msgstr "Подразбиращ се команден интерпретатор, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
-msgstr ""
+msgstr "Място за домашните директории"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
-msgstr ""
+msgstr "Продължава като демон (по подразбиране)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
-msgstr ""
+msgstr "Интерактивна работа (а не като демон)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
-msgstr ""
+msgstr "Задаване на друг (не подразбиращия се) конфиг файл"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
-msgstr ""
+msgstr "Ниво на debug"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
-msgstr ""
+msgstr "SSSD не е стартиран като root."
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
-msgstr ""
+msgstr "Възникнала е грешка, но не може да се намери описание."
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
-msgstr ""
+msgstr "Неочаквана грешка при търсене на описание на грешка"
#: src/sss_client/pam_sss.c:387
msgid "Passwords do not match"
-msgstr ""
+msgstr "Паролите не съвпадат"
#: src/sss_client/pam_sss.c:575
msgid "Password reset by root is not supported."
-msgstr ""
+msgstr "Промяна на паролата от root не се поддържа."
#: src/sss_client/pam_sss.c:616
msgid "Authenticated with cached credentials"
-msgstr ""
+msgstr "Удостоверен с кеширани идентификационни данни"
#: src/sss_client/pam_sss.c:617
msgid ", your cached password will expire at: "
-msgstr ""
+msgstr ", кешираната парола ще изтече на: "
#: src/sss_client/pam_sss.c:647
#, c-format
@@ -1109,48 +1122,48 @@ msgstr ""
#: src/sss_client/pam_sss.c:742
msgid "Authentication is denied until: "
-msgstr ""
+msgstr "Удостоверяването е забранено до: "
#: src/sss_client/pam_sss.c:763
msgid "System is offline, password change not possible"
-msgstr ""
+msgstr "Системата е офлайн, промяна на паролата не е възможна"
#: src/sss_client/pam_sss.c:793 src/sss_client/pam_sss.c:806
msgid "Password change failed. "
-msgstr ""
+msgstr "Промяната на паролата не успя."
#: src/sss_client/pam_sss.c:796 src/sss_client/pam_sss.c:807
msgid "Server message: "
-msgstr ""
+msgstr "Съобщение от сървъра:"
#: src/sss_client/pam_sss.c:1231
msgid "New Password: "
-msgstr ""
+msgstr "Нова парола:"
#: src/sss_client/pam_sss.c:1232
msgid "Reenter new Password: "
-msgstr ""
+msgstr "Отново новата парола:"
#: src/sss_client/pam_sss.c:1318
msgid "Password: "
-msgstr ""
+msgstr "Парола:"
#: src/sss_client/pam_sss.c:1350
msgid "Current Password: "
-msgstr ""
+msgstr "Текуща парола:"
#: src/sss_client/pam_sss.c:1497
msgid "Password expired. Change your password now."
-msgstr ""
+msgstr "Паролата Ви е остаряла. Сменете я сега."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
-msgstr ""
+msgstr "Нивото на debug записи при работа"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:42
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:196
@@ -1158,12 +1171,12 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
-msgstr ""
+msgstr "Грешка при задаване локални настр.\n"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
@@ -1196,105 +1209,107 @@ msgstr ""
#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48
msgid "The UID of the user"
-msgstr ""
+msgstr "UID на потребителя"
#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50
msgid "The comment string"
-msgstr ""
+msgstr "Низ за коментар"
#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51
msgid "Home directory"
-msgstr ""
+msgstr "Домашна директория"
#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52
msgid "Login shell"
-msgstr ""
+msgstr "Команден интерпретатор"
#: src/tools/sss_useradd.c:53
msgid "Groups"
-msgstr ""
+msgstr "Групи"
#: src/tools/sss_useradd.c:54
msgid "Create user's directory if it does not exist"
-msgstr ""
+msgstr "Създай, ако не съществува, директория на потребителя"
#: src/tools/sss_useradd.c:55
msgid "Never create user's directory, overrides config"
-msgstr ""
+msgstr "Никога не създавай директория на потребителя, въпреки конфиг."
#: src/tools/sss_useradd.c:56
msgid "Specify an alternative skeleton directory"
-msgstr ""
+msgstr "Задайте алтернативна skeleton директория"
#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:57
msgid "The SELinux user for user's login"
-msgstr ""
+msgstr "SELinux потребителят за влизането на потребителя"
#: src/tools/sss_useradd.c:86 src/tools/sss_groupmod.c:78
#: src/tools/sss_usermod.c:87
msgid "Specify group to add to\n"
-msgstr ""
+msgstr "Задайте група, към която да го добавя\n"
#: src/tools/sss_useradd.c:110
msgid "Specify user to add\n"
-msgstr ""
+msgstr "Задайте потребител за добавяне\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
-msgstr ""
+msgstr "Грешка при инициализирането на инструментите - няма локален домейн\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
-msgstr ""
+msgstr "Грешка при инициализирането на инструментите\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
-msgstr ""
+msgstr "В FQDN е зададен невалиден домейн\n"
#: src/tools/sss_useradd.c:139 src/tools/sss_groupmod.c:141
#: src/tools/sss_groupmod.c:168 src/tools/sss_usermod.c:162
#: src/tools/sss_usermod.c:189
msgid "Internal error while parsing parameters\n"
-msgstr ""
+msgstr "Вътрешна грешка при разбор на параметри\n"
#: src/tools/sss_useradd.c:147 src/tools/sss_usermod.c:170
#: src/tools/sss_usermod.c:197
msgid "Groups must be in the same domain as user\n"
-msgstr ""
+msgstr "Групите трябва да са в същия домейн като потребителя\n"
#: src/tools/sss_useradd.c:155
#, c-format
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
-msgstr ""
+msgstr "Не мога да задам стойностите по подразбиране\n"
#: src/tools/sss_useradd.c:177 src/tools/sss_usermod.c:153
msgid "The selected UID is outside the allowed range\n"
-msgstr ""
+msgstr "Зададеният UID е извън позволения обхват\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
-msgstr ""
+msgstr "Не мога да задам SELinux контекст за влизане\n"
#: src/tools/sss_useradd.c:221
msgid "Cannot get info about the user\n"
-msgstr ""
+msgstr "Не мога да получа инфо за потребителя\n"
#: src/tools/sss_useradd.c:233
msgid "User's home directory already exists, not copying data from skeldir\n"
msgstr ""
+"Домашната директория на потребителя вече съществува, няма да копирам данни "
+"от skeldir\n"
#: src/tools/sss_useradd.c:236
#, c-format
@@ -1308,27 +1323,27 @@ msgstr ""
#: src/tools/sss_useradd.c:266
msgid "Could not allocate ID for the user - domain full?\n"
-msgstr ""
+msgstr "Не можах да запазя ID за потребителя - домейнът ли е пълен?\n"
#: src/tools/sss_useradd.c:270
msgid "A user or group with the same name or ID already exists\n"
-msgstr ""
+msgstr "Потребител или група с такова име или ID вече съществува\n"
#: src/tools/sss_useradd.c:276
msgid "Transaction error. Could not add user.\n"
-msgstr ""
+msgstr "Грешка в транзакцията. Не можах да добавя потребителя.\n"
#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48
msgid "The GID of the group"
-msgstr ""
+msgstr "GID на групата"
#: src/tools/sss_groupadd.c:75
msgid "Specify group to add\n"
-msgstr ""
+msgstr "Задайте група за добавяне\n"
#: src/tools/sss_groupadd.c:104 src/tools/sss_groupmod.c:192
msgid "The selected GID is outside the allowed range\n"
-msgstr ""
+msgstr "Зададеният GID е извън позволения обхват\n"
#: src/tools/sss_groupadd.c:141
msgid "Could not allocate ID for the group - domain full?\n"
@@ -1342,22 +1357,30 @@ msgstr ""
msgid "Transaction error. Could not add group.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr ""
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
+msgstr "Група %1$s е извън дефинирания ID обхват за домейн\n"
+
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr ""
@@ -1395,131 +1418,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
-msgstr ""
+msgstr "Потребител %1$s е извън дефинирания ID обхват за домейн\n"
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1553,96 +1576,96 @@ msgid ""
"domain\n"
msgstr ""
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr ""
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1654,7 +1677,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr ""
@@ -1663,6 +1695,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/ca.po b/po/ca.po
index c032e7613..03d96fdaa 100644
--- a/po/ca.po
+++ b/po/ca.po
@@ -12,7 +12,7 @@ msgstr ""
"Report-Msgid-Bugs-To: https://fedorahosted.org/sssd\n"
"POT-Creation-Date: 2012-10-05 19:20+0200\n"
"PO-Revision-Date: 2012-10-08 10:00+0000\n"
-"Last-Translator: muzzol <muzzol@gmail.com>\n"
+"Last-Translator: muzzol mussol <muzzol@gmail.com>\n"
"Language-Team: Catalan <fedora@llistes.softcatala.org>\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
diff --git a/po/de.po b/po/de.po
index aa7ac4949..f69b670f5 100644
--- a/po/de.po
+++ b/po/de.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: German <trans-de@lists.fedoraproject.org>\n"
@@ -256,827 +256,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA-Domain"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "IPA-Serveradresse"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "IPA-Client-Rechnername"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Kerberos-Serveradresse"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Kerberos Realm"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "GECOS-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Shell-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "UUID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Vollständiger Name"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1144,10 +1154,10 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1157,10 +1167,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1239,22 +1249,22 @@ msgid "Specify user to add\n"
msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1275,7 +1285,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr ""
@@ -1283,7 +1293,7 @@ msgstr ""
msgid "The selected UID is outside the allowed range\n"
msgstr ""
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1341,22 +1351,30 @@ msgstr ""
msgid "Transaction error. Could not add group.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr ""
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr ""
@@ -1394,131 +1412,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1552,96 +1570,96 @@ msgid ""
"domain\n"
msgstr ""
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr ""
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1653,7 +1671,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr ""
@@ -1662,6 +1689,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/es.po b/po/es.po
index 7e87b5d5b..a76236d5f 100644
--- a/po/es.po
+++ b/po/es.po
@@ -5,6 +5,7 @@
# Translators:
# Adolfo Jayme Barrientos <fitoschido@gmail.com>, 2012.
# Daniel Cabrera <logan@fedoraproject.org>, 2011.
+# <ehespinosa@ya.com>, 2013.
# Héctor Daniel Cabrera <logan@fedoraproject.org>, 2011.
# Hugo Jiménez Hernández <hjimenezhdez@gmail.com>, 2011.
# <sgallagh@redhat.com>, 2011.
@@ -12,9 +13,9 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
-"PO-Revision-Date: 2012-10-05 17:31+0000\n"
-"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
+"PO-Revision-Date: 2013-03-24 20:40+0000\n"
+"Last-Translator: vareli <ehespinosa@ya.com>\n"
"Language-Team: Spanish <trans-es@lists.fedoraproject.org>\n"
"Language: es\n"
"MIME-Version: 1.0\n"
@@ -205,7 +206,7 @@ msgstr "Cuanto días se debe mostrar un aviso de expiración de contraseña"
#: src/config/SSSDConfig/__init__.py.in:85
msgid "Whether to evaluate the time-based attributes in sudo rules"
-msgstr ""
+msgstr "Ya sea para evaluar los atributos basados en el tiempo en reglas sudo"
#: src/config/SSSDConfig/__init__.py.in:91
msgid "Whether to hash host names and addresses in the known_hosts file"
@@ -247,11 +248,11 @@ msgstr "Proveedor de Autofs"
#: src/config/SSSDConfig/__init__.py.in:104
msgid "Session-loading provider"
-msgstr ""
+msgstr "Suministrador de carga de sesión"
#: src/config/SSSDConfig/__init__.py.in:105
msgid "Host identity provider"
-msgstr ""
+msgstr "Suministrador de identidad de host"
#: src/config/SSSDConfig/__init__.py.in:108
msgid "Minimum user ID"
@@ -278,309 +279,327 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Mostrar los usuarios/grupos en un formato completamente calificado"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Tiempo máximo de una entrada del caché (segundos)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringir o preferir una familia de direcciones específica, cuando se "
"realicen búsquedas DNS"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr "Por cuánto tiempo permitir ingresos cacheados luego del último (días)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Cantidad de tiempo (en segundos) a esperar respuestas desde DNS cuando se "
"estén resolviendo servidores"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr "La sección del dominio de la consulta para descubrir servicios DNS"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr "Sustituye valor GID del proveedor de la identidad con este valor"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr "Trate al nombre de usuario con mayúsculas y minúsculas"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "Dominio IPA"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "Dirección del servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "Nombre de equipo del cliente IPA"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"La interfaz cuya IP debería ser utilizada para actualizaciones DNS "
"automáticas"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr "Búsqueda base para objetos HBAC"
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
"Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+#, fuzzy
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+"Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA"
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
"Si se encuentran presentes reglas de negación (DENY) o bien se niega todo "
"(DENY_ALL) o se ignora (IGNORE)"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Si se lo define en 'false', será ignorado el argumento de equipo ofrecido "
"por PAM"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr "La ubicación de montaje automático que este cliente de IPA está usando"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Dirección del servidor Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Reinado Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Expiración de la autenticación"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "Directorio donde almacenar las credenciales cacheadas"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Ubicación del caché de credenciales del usuario"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Ubicación de la tabla de claves para validar las credenciales"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Habilitar la validación de credenciales"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
"Si se encuentra desconectado, almacena contraseñas para más tarde realizar "
"una autenticación en línea"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr "ciclo de vida renovable del TGT"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr "ciclo de vida del TGT"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr "tiempo entre dos comprobaciones para renovación "
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "Habilita FAST"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr "Selecciona el principal para su uso por FAST"
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr "Habilita canonicalización principal"
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"El servidor en donde está ejecutándose el servicio de modificación de "
"contraseña, en caso de no ser KDC. "
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, El URI del servidor LDAP"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "DN base predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "El DN Bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "El tipo del token de autenticación del DN bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "El token de autenticación del DN bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Tiempo durante el que se intentará la conexión"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr "Use solo el caso superior para nombres reales"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "Archivo que contiene los certificados CA"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Ruta hacia un directorio certificado CA"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr "Fichero que contiene el certificado de cliente"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr "Fichero que contiene la llave de cliente"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr "Lista de posibles suites de cifrado"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Requiere la verificación de certificado TLS"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Especificar el mecanismo sasl a usar"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Especifique el id de autorización sasl a usar"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr "Especifica el reinado de autorización sasl a ser utilizado"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Especificar los SSF mínimos para autorizaciones sasl de LDAP"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Tabla de clave del servicio Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Usar auth Kerberos para la conexión LDAP"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Seguir referencias LDAP"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr "Período de vida del TGT para la conexión LDAP"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr "Como eliminar aliases"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr "Nombre de servicio para busquedas de servicios DNS"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr "La cantidad de registros a ser obtenidos en una única consulta LDAP"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"La cantidad de miembros que deben faltar para desencadenar una deref completa"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -588,544 +607,540 @@ msgstr ""
"Si la Biblioteca LDAP debería realizar una búsqueda inversa para "
"canonicalizar el nombre del host durante un enlace SASL"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr "atributo entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr "atributo lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"El período de tiempo máximo para retener una conexión con el servidor LDAP "
"antes de desconectar"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
-msgstr ""
+msgstr "Deshabilita el control de paginación LDAP"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Tiempo máximo a esperar un pedido de búsqueda"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr "periodo de espera para solicitud de enumeración"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Tiempo en segundos entre las actualizaciones de enumeración"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr "periodo de tiempo entre borrados de la caché"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "Requiere TLS para búsquedas de ID"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "DN base para búsquedas de usuario"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Ambito de las búsquedas del usuario"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Filtro para las búsquedas del usuario"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Objectclass para los usuarios"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Atributo GID primario"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "Atributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Atributo Directorio de inicio"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Atributo shell"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Atributo principal del usuario (para Kerberos) "
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Nombre completo"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Atributo hora de modificación"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr "atributo shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr "atributo shadowMin "
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr "atributo shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr "atributo shadowWarning "
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr "atributo shadowInactive "
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr "atributo shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr "atributo shadowFlag "
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr "listado de atributos de servicios PAM autorizados"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr "Atributo de listado de equipos de servidor autorizados"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr "atributo krbLastPwdChange "
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr "atributo krbPasswordExpiration "
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"atributo indicando que las políticas de contraseña del lado del servidor "
"están activas"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr "atributo accountExpires de AD"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr "atributo userAccountControl de AD"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr "atributo nsAccountLock "
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr "loginDisabled atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr "loginExpirationTime atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "loginAllowedTimeMap atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr "Atributo de clave pública SSH"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr "DN base para busqueda de grupos"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr "clase objeto para"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Nombre del grupo"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Contraseña del grupo"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "Atributo GID"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr "Atributo de miembro del grupo"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr "Atributo de UUID del grupo"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr "Atributo de modificación de tiempo para los grupos"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr "A continuación, nivel SSSD de anidado máximo"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr "DN base para búsquedas de grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr "Clases de objetos para grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr "Nombre de grupo de red"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr "Atributo de miembros de grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr "Atributo triple de grupo de red"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr "Atributo UUID de miembro de red"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr "Atributo de modificación de tiempo para grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
-msgstr ""
+msgstr "Base DN para servicio de búsquedas"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
-msgstr ""
+msgstr "Clase de objeto para servicio"
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
-msgstr ""
+msgstr "Atributo de nombre de servicio"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
-msgstr ""
+msgstr "Atributo de puerto de servicio"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
-msgstr ""
+msgstr "Atributo de protocolo de servidor"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Política para evaluar el vencimiento de la contraseña"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "Filtro LDAP para determinar privilegios de acceso"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Los atributos que deberán ser utilizados para evaluar si una cuenta ha "
"expirado"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr "Las reglas que deberían ser utilizadas para evaluar control de acceso"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
"URI de un servidor LDAP donde se permite la modificación de contraseñas"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
"Nombre del servicio DNS para el servidor de modificación de contraseñas LDAP"
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
-msgstr ""
+msgstr "Base DN para búsquedas de reglas sudo"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
-msgstr ""
+msgstr "Objeto clase para reglas sudo"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
-msgstr ""
+msgstr "Nombre de regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
-msgstr ""
+msgstr "Atributo de regla de comando sudo"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
-msgstr ""
+msgstr "Atributo de la regla host de sudo"
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
-msgstr ""
+msgstr "Atributo de la regla usuario de sudo"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
-msgstr ""
+msgstr "Atributo de la regla opción de sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
-msgstr ""
+msgstr "Atributo de la regla suda runasuser"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
-msgstr ""
+msgstr "Atributo de regla runasgroup de sudo"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
-msgstr ""
+msgstr "Atributo de regla notbefore de sudo"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
-msgstr ""
+msgstr "Atributo de regla noafter de sudo"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
-msgstr ""
+msgstr "Atributo de regla orden de sudo"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
-msgstr ""
+msgstr "Objeto clase para mapas automontador"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
-msgstr ""
+msgstr "Atributo de nombre de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
-msgstr ""
+msgstr "Objeto clase para entradas de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
-msgstr ""
+msgstr "Atributo de clave de entrada para mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
-msgstr ""
+msgstr "Atributo de valor de entrada para mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
-msgstr ""
+msgstr "Base DN para búsquedas de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Lista separada por comas de usuarios autorizados"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Lista separada por comas de usuarios prohibidos"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Shell predeterminado, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Base de los directorios de inicio"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "Nombre de la biblioteca NSS a usar"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "Pila PAM a usar"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Convertirse en demonio (predeterminado)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Ejecutarse en forma interactiva (no un demonio)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Indicar un archivo de configuración diferente al predeterminado"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr "Muestra el número de versión y finaliza"
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Nive de depuración"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Agregar marcas de tiempo de depuración"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "Mostrar marcas de tiempo con microsegundos"
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Un arhivo abierto de descriptor para los registros de depuración"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del proveedor de información (obligatorio)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr "El zócalo privilegiado posee permisos o pertenencia equivocados."
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr "El zócalo público posee permisos o pertenencia equivocados."
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr "Formato no esperado del mensaje de la credencial del servidor."
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr "SSSD no está siendo ejecutado por el usuario root."
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr "Ha ocurrido un error, pero no se ha podido encontrar una descripción."
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
"Ha ocurrido un error no esperado mientras se buscaba la descripción del error"
@@ -1194,42 +1209,42 @@ msgstr "La contraseña ha expirado. Modifíquela en este preciso momento."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Nivel de depuración en que se debe ejecutar"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:42
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:196
msgid "The SSSD domain to use"
-msgstr ""
+msgstr "El dominio SSSD a usar"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "Error al poner la región\n"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
msgid "Not enough memory\n"
-msgstr ""
+msgstr "Nos hay suficiente memoria\n"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
msgid "User not specified\n"
-msgstr ""
+msgstr "Usuario no especificado\n"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
msgid "Error looking up public keys\n"
-msgstr ""
+msgstr "Error buscando claves públicas\n"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:194
msgid "The port to use to connect to the host"
-msgstr ""
+msgstr "El puerto a usar para conectar al host"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:238
msgid "Invalid port\n"
@@ -1237,11 +1252,11 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:243
msgid "Host not specified\n"
-msgstr ""
+msgstr "Host no especificado\n"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:249
msgid "The path to the proxy command must be absolute\n"
-msgstr ""
+msgstr "La ruta al comando proxy debe ser absoluta\n"
#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48
msgid "The UID of the user"
@@ -1290,22 +1305,22 @@ msgid "Specify user to add\n"
msgstr "Especifique el usuario a agregar\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Error al inicializar las herramientas - no hay dominio local\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Error al inicializar las herramientas\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Dominio inválido especificado en FQDN\n"
@@ -1326,7 +1341,7 @@ msgstr "Los grupos deben estar en el mismo dominio que el usuario\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "No se pudieron establecer los valores predeterminados\n"
@@ -1334,7 +1349,7 @@ msgstr "No se pudieron establecer los valores predeterminados\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "El UID seleccionado está fuera del rango permitido\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr "No es posible definir contexto de registro de SELinux\n"
@@ -1394,16 +1409,24 @@ msgstr "Ya existe un grupo con el mismo nombre o GID\n"
msgid "Transaction error. Could not add group.\n"
msgstr "Error en la transacción. No se pudo agregar el grupo.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Especifique el grupo a borrar\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1411,7 +1434,7 @@ msgstr ""
"No existe tal grupo en el dominio local. Eliminando los grupos que sólo se "
"permiten en el dominio local.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Error interno. No se pudo eliminar el grupo.\n"
@@ -1452,63 +1475,63 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"No se pudo modificar el grupo - verifique si los nombre de grupo miembro son "
"los correctos\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"No se pudo modificar el grupo - verifique si el nombre de grupo es correcto\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Error de transacción. No se pudo modificar el grupo.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "Magia privada"
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Imprime miembros de grupo indirecto en forma recursiva"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Especifica el grupo a mostrar\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1516,75 +1539,75 @@ msgstr ""
"No existe tal grupo en el dominio local. Imprimir los grupos está permitido "
"únicamente en el dominio local.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Error interno. No se pudo imprimir el grupo.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Eliminar el directorio de inicio y el receptor de correo"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "No eliminar el directorio de inicio y el receptor de correo"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Forzar la eliminación de los archivos que no pertenecen al usuario"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr "Finaliza los procesos del usuario antes de eliminarlo"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Especifique el usuario a borrar\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr "No es posible reiniciar contexto de registro de SELinux\n"
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"No es posible determinar si el usuario estaba registrado en esta plataforma"
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr "Error mientras se verificaba si el usuario se encontraba registrado\n"
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr "No eliminando el directorio de inicio - no pertenece al usuario\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"No existe ese usuario en el dominio local. La eliminación de usuarios se "
"permite en el dominio local.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Error interno. No se pudo eliminar el usuario.\n"
@@ -1620,99 +1643,99 @@ msgstr ""
"No se pudo encontrar el usuario en el dominio local, la modificación de los "
"usuarios se permite solamente en el dominio local\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"No se pudo modificar el usuario - verifique si los nombres de grupo son "
"correctos\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
"No se pudo modificar el usuario - ¿no será ya miembro de esos grupos?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Error de transacción. No se pudo modificar el usuario.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
-msgstr ""
+msgstr "Usuario particular invalidado"
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
-msgstr ""
+msgstr "Todos los usuarios invalidados"
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1724,7 +1747,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Falta memoria\n"
@@ -1733,6 +1765,6 @@ msgstr "Falta memoria\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "Envia el resultado de la depuración hacia archivos en lugar de stderr"
diff --git a/po/eu.po b/po/eu.po
index 9caa7b73f..f9a815490 100644
--- a/po/eu.po
+++ b/po/eu.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Basque (http://www.transifex.com/projects/p/fedora/language/"
@@ -256,827 +256,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA domeinua"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "IPA zerbitzariaren helbidea"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "IPA bezeroaren ostalari-izena"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "FAST gaitzen du"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr "entryUSN atributua"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr "lastUSN atributua"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "UID atributua"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "UUID atributua"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr "objectSID atributua"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Izen osoa"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr "shadowLastChange atributua"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr "shadowMin atributua"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr "shadowMax atributua"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr "shadowWarning atributua"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr "shadowInactive atributua"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr "shadowExpire atributua"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr "shadowFlag atributua"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange atributua"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration atributua"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr "ADren accountExpires atributua"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr "ADren userAccountControl atributua"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr "nsAccountLock atributua"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Talde-izena"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Taldearen pasahitza"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "GID atributua"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr "Taldearen UUID atributua"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Shell lehenetsia, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr "Inprimatu bertsio zenbakia eta irten"
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Arazketa maila"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Gehitu arazketako data-zigiluak"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1144,10 +1154,10 @@ msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1157,10 +1167,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1239,22 +1249,22 @@ msgid "Specify user to add\n"
msgstr "Zehaztu gehitu beharreko erabiltzailea\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Errorea tresnak hasieratzean - domeinu lokalik ez\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Errorea tresnak hasieratzean\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Baliogabeko domeinua zehaztu da FQDN-n\n"
@@ -1275,7 +1285,7 @@ msgstr "Taldeek erabiltzailearen domeinu berean egon behar dute\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Ezin dira balio lehenetsiak ezarri\n"
@@ -1283,7 +1293,7 @@ msgstr "Ezin dira balio lehenetsiak ezarri\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "Hautatutako UIDa baimendutako bitartetik kanpo dago\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1341,22 +1351,30 @@ msgstr ""
msgid "Transaction error. Could not add group.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Zehaztu taldea ezabatzeko\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Barne errorea. Ezin izan da taldea kendu.\n"
@@ -1394,131 +1412,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr "%1$s%2$sTaldea: %3$s\n"
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr "%1$sGID zenbakia: %2$d\n"
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1552,96 +1570,96 @@ msgid ""
"domain\n"
msgstr ""
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr ""
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr "Baliogabetu erabiltzaile bat"
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr "Baliogabetu erabiltzaile guztiak"
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr "Baliogabetu talde bat"
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr "Baliogabetu talde guztiak"
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr "Baliogabetu zerbitzu bat"
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr "Baliogabetu zerbitzu guztiak"
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1653,7 +1671,16 @@ msgstr "\n"
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr ""
@@ -1662,6 +1689,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/fr.po b/po/fr.po
index 13bb08349..3667acdab 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -4,14 +4,14 @@
#
# Translators:
# Fabien Archambault <marbolangos@gmail.com>, 2012.
-# Jérôme Fenal <jfenal@gmail.com>, 2012.
+# Jérôme Fenal <jfenal@gmail.com>, 2012-2013.
# Mariko Vincent <dweu60@gmail.com>, 2012.
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
-"PO-Revision-Date: 2012-10-06 13:02+0000\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
+"PO-Revision-Date: 2013-03-10 21:20+0000\n"
"Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n"
"Language-Team: French <trans-fr@lists.fedoraproject.org>\n"
"Language: fr\n"
@@ -288,310 +288,327 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Afficher les utilisateurs/groupes dans un format complétement qualifié"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Durée de validité des entrées en cache (en secondes)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr "Restreindre ou préférer une famille d'adresses lors des recherches DNS"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Durée de validité des entrées en cache après la dernière connexion réussie "
"(en jours)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Délai d'attente des réponses du DNS lors de la résolution des serveurs (en "
"secondes)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr "La partie domaine de la requête de découverte de service DNS"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr "Écraser la valeur du GID du fournisseur d'identité avec cette valeur"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr "Considère les noms d'utilisateur comme casse dépendant"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "Domaine IPA"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "Adresse du serveur IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr "Adresse du serveur IPA de secours"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "Nom de système du client IPA"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+"Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"L'interface dont l'adresse IP doit être utilisée pour les mises à jour "
"dynamiques du DNS"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr "Base de recherche pour les objets HBAC"
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+#, fuzzy
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA"
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Si les règles DENY sont présentes, utiliser soit DENY_ALL soit IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "Si mit à false, l’argument de l'hôte donné par PAM est ignoré"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
"L'emplacement de la carte de montage automatique utilisée par le client IPA"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
"Base de recherche pour l'objet contenant les informations de base à propos "
"du domaine IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
"Base de recherche pour les objets contenant les informations à propos des "
"plages d'ID"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr "Domaine Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr "Adresse du serveur Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr "Adresse du serveur Active Directory de secours"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr "Nom de système du client Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Adresse du serveur Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr "Adresse du serveur Kerberos de secours"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Domaine Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Délai avant expiration de l'authentification"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "Répertoire pour stocker les caches de crédits"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Emplacement du cache de crédits de l'utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Emplacement du fichier keytab de validation des crédits"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Activer la validation des crédits"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
"Stocker le mot de passe, si hors-ligne, pour une authentification ultérieure "
"en ligne"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr "Durée de vie renouvelable du TGT"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr "Durée de vie du TGT"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr "Durée entre deux vérifications pour le renouvellement"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "Active FAST"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr "Sélectionne le principal pour être utilisé avec FAST"
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr "Active la canonisation du principal"
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Serveur où tourne le service de changement de mot de passe s'il n'est pas "
"sur le KDC"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, l'adresse du serveur LDAP"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, l'URI du serveur LDAP"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "La base DN par défaut"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Le type de schéma utilisé sur le serveur LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "Le DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "Le type de jeton d'authentification du DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "Le jeton d'authentification du DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Durée pendant laquelle il sera tenté d'établir la connexion"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Durée pendant laquelle il sera tenté des opérations LDAP synchrones"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr "Durée d'attente entre deux essais de reconnexion en mode hors-ligne"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr "N'utiliser que des majuscules pour les noms de domaine"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "Fichier contenant les certificats des CA"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Chemin vers le répertoire de certificats des CA"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr "Fichier contenant le certificat client"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr "Fichier contenant la clé du client"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr "Liste des suites de chiffrement possibles"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Requiert une vérification de certificat TLS"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Spécifier le mécanisme SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Spécifier l'identité d'authorisation SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr "Spécifier le domaine d'authorisation SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Spécifie le minimum SSF pour l'autorisation sasl LDAP"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Service du fichier keytab de Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Utiliser l'authentification Kerberos pour la connexion LDAP"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Suivre les référents LDAP"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr "Durée de vie du TGT pour la connexion LDAP"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr "Comment déréférencer les alias"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr "Nom du service pour les recherches DNS"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Le nombre d'enregistrements à récupérer dans une requête LDAP unique"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Nombre de membres qui doivent être manquants pour activer un déréférencement "
"complet"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -599,346 +616,346 @@ msgstr ""
"Est-ce que la bibliothèque LDAP doit effectuer une requête pour canoniser le "
"nom d'hôte pendant une connexion SASL ?"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr "attribut entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr "attribut lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Combien de temps conserver la connexion au serveur LDAP avant de se "
"déconnecter"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr "Désactiver le contrôle des pages LDAP"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Durée d'attente pour une requête de recherche"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr "Durée d'attente pour une requête d'énumération"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Durée entre deux mises à jour d'énumération"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr "Durée entre les nettoyages de cache"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "TLS est requis pour les recherches d'identifiants"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Utilisation de la correspondance d'ID pour les objectSID au lieu d'ID pré-"
"établis"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "Base DN pour les recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Scope des recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Filtre pour les recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Classe d'objet pour les utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Attribut de nom d'utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "Attribut UID"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Attribut de GID primaire"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "Attribut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Attribut de répertoire utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Attribut d'interpréteur de commandes"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "Attribut UUID"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr "attribut objectSID"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Groupe primaire Active Directory pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Attribut d'utilisateur principal (pour Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Nom complet"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "Attribut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Attribut de date de modification"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr "Attribut shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr "Attribut shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr "Attribut shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr "Attribut shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr "Attribut shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr "Attribut shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr "Attribut shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr "Attribut listant les services PAM autorisés"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr "Attribut listant les systèmes serveurs autorisés"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr "Attribut krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr "Attribut krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"Attribut indiquant que la stratégie de mot de passe du serveur est active"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr "Attribut AD accountExpires"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr "Attribut AD userAccountControl"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr "Attribut nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr "Attribut NDS loginDisabled"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr "Attribut NDS loginExpirationTime"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Attribut NDS loginAllowedTimeMap"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr "Attribut de clé public SSH"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr "DN de base pour les recherches de groupes"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr "Classe d'objet pour les groupes"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Nom du groupe"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Mot de passe du groupe"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "Attribut GID"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr "Attribut membre du groupe"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr "Attribut d'UUID du groupe"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr "Attribut de date de modification pour les groupes"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr "Niveau de récursion maximum que SSSd doit suivre"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr "DN de base pour les recherches de netgroup"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr "Classe d'objet pour les groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr "Nom du groupe réseau"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr "Attribut des membres des groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr "Attribut triplet du groupe réseau"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr "Attribut d'UUID du groupe réseau"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr "Attribut date de modification pour les groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr "Nom de domaine (DN) de base pour les recherches de service"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr "Classe objet pour les services"
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr "Attribut de nom de service"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr "Attribut de port du service"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr "Attribut de service du protocole"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr "Limite inférieure pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr "Limite supérieure pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Nombre d'ID par tranche pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
"Utilisation d'un algorithme compatible autorid pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr "Nom du domaine par défaut pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr "SID du domaine par défaut pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
"Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes "
"d'initialisation"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Stratégie d'évaluation de l'expiration du mot de passe"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "Filtre LDAP pour déterminer les autorisations d'accès"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Quels attributs utiliser pour déterminer si un compte a expiré"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr "Quelles règles utiliser pour évaluer le contrôle d'accès"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr "URI d'un serveur LDAP où les changements de mot de passe sont acceptés"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
"URI d'un serveur LDAP de secours où sont autorisées les modifications de mot "
"de passe"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr "Nom du service DNS pour le serveur de changement de mot de passe LDAP"
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -946,23 +963,23 @@ msgstr ""
"Choix de mise à jour de l'attribut ldap_user_shadow_last_change après un "
"changement de mot de passe"
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr "Nom de domaine (DN) de base pour les recherches de règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr "Périodicité de rafraichissement total"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr "Périodicité de rafraichissement intelligent"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr "Filter ou non sur les noms de systèmes, adresses IP et réseaux"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -970,186 +987,182 @@ msgstr ""
"Noms de systèmes et/ou noms pleinement qualifiés de cette machine pour "
"filtrer les règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Adresses ou réseaux IPv4 ou IPv6 de cette machine pour filtrer les règles "
"sudo"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Inclure ou non les règles qui contiennent un netgroup dans l'attribut host"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Inclure ou non les règles qui contiennent une expression rationnelle dans "
"l'attribut host"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr "Classe objet pour les règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr "Règle de nom sudo"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr "Attribut de commande de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr "Attribut hôte de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr "Attribut utilisateur de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr "Attribut option de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr "Attribut runasuser de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr "Attribut runasgroup de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr "Attribut notbefore de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr "Attribut notafter de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr "Attribut d'ordre de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr "Classe objet pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr "Nom de l'attribut de carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr "Classe objet pour l'entrée de référence de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr "Attribut de clé d'entrée pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr "Attribut de valeur pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr "Base DN pour les requêtes de carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Liste, séparée par des virgules, d'utilisateurs autorisés"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Liste, séparée par des virgules, d'utilisateurs interdits"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Interpréteur de commande par défaut : /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Base pour les répertoires utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "Nom de la bibliothèque NSS à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Rechercher le nom canonique du groupe dans le cache si possible"
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "Pile PAM à utiliser"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Devenir un démon (par défaut)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Fonctionner en interactif (non démon)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Définir un fichier de configuration différent de celui par défaut"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr "Afficher le numéro de version et quitte"
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr "SSSD est déjà en cours d'exécution\n"
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Niveau de débogage"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Ajouter l'horodatage au débogage"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "Afficher l'horodatage en microsecondes"
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Un descripteur de fichier ouvert pour les journaux de débogage"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Domaine du fournisseur d'informations (obligatoire)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
"Le socket privilégié a de mauvaises permissions ou un mauvais propriétaire."
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
"Le socket public a de mauvaises permissions ou un mauvais propriétaire."
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr "Le message du serveur de crédits a un format inattendu."
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr "SSSD n'est pas démarré par root."
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr "Une erreur est survenue mais aucune description n'est trouvée."
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr "Erreur inattendue lors de la recherche de la description de l'erreur"
@@ -1220,10 +1233,10 @@ msgstr "Mot de passe expiré. Changez votre mot de passe maintenant."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Le niveau de débogage utilisé avec"
@@ -1233,10 +1246,10 @@ msgid "The SSSD domain to use"
msgstr "Le domaine SSSD à utiliser"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "Erreur lors du paramétrage de la locale\n"
@@ -1315,22 +1328,22 @@ msgid "Specify user to add\n"
msgstr "Définir l'utilisateur à ajouter à\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Erreur à l'initialisation des outils - aucun domaine local\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Erreur à l'initialisation des outils\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Domaine invalide définit dans le FQDN\n"
@@ -1351,7 +1364,7 @@ msgstr "Les groupes doivent être dans le même domaine que l'utilisateur\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr "Impossible de trouver le groupe %1$s dans le domaine local\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Impossible de définir les valeurs par défaut\n"
@@ -1359,7 +1372,7 @@ msgstr "Impossible de définir les valeurs par défaut\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "L'UID sélectionné est en dehors de la plage autorisée\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr "Impossible de définir le contexte de connexion SELinux\n"
@@ -1422,18 +1435,26 @@ msgstr "Un groupe avec le même nom ou GID existe déjà\n"
msgid "Transaction error. Could not add group.\n"
msgstr "Erreur de transaction. Impossible d'ajouter le groupe.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Spécifier le groupe à supprimer\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
"Le groupe %1$s est en dehors de la plage d'identifiants définie pour le "
"domaine\n"
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1441,7 +1462,7 @@ msgstr ""
"Aucun groupe dans le domaine local. La suppression de groupes n'est "
"autorisée que dans le domaine local.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Erreur interne. Impossible de supprimer le groupe.\n"
@@ -1485,42 +1506,42 @@ msgstr ""
"Impossible de trouver le groupe %1$s dans le domaine local, seuls les "
"groupes du domaine local sont autorisés\n"
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Impossible de modifier le groupe - vérifier que les noms des groupes membres "
"sont corrects\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"Impossible de modifier le groupe - vérifier que le nom du groupe est "
"correct\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Erreur de transaction. Impossible de modifier le groupe.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr "%1$s%2$sGroup: %3$s\n"
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "Magie privée"
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr "%1$s GID numéro : %2$d\n"
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr "Utilisateurs membres de %1$s :"
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
@@ -1529,7 +1550,7 @@ msgstr ""
"\n"
"%1$s est membre de : "
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
@@ -1538,15 +1559,15 @@ msgstr ""
"\n"
"Groupes membres de %1$s : "
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Afficher les membres du groupe indirects récursivement"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Définir le groupe à afficher\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1554,81 +1575,81 @@ msgstr ""
"Aucun groupe dans le domaine local. L'affichage des groupes n'est autorisé "
"que dans le domaine local.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Erreur interne. Impossible d'afficher le groupe.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Suppression du répertoire personnel et de gestion des mails"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Ne pas supprimer le répertoire personnel et de gestion des mails"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Forcer la suppression des fichiers n'appartenant pas à l'utilisateur"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr "Tuer les processus de l'utilisateur avant de le supprimer"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Définir l'utilisateur à supprimer\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
"L'utilisateur %1$s est en dehors de la plage d'identifiants définie pour le "
"domaine\n"
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr "Impossible de réinitialiser le contexte de connexion SELinux\n"
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"ATTENTION : l'utilisateur (uid %1$lu) était encore connecté lors de sa "
"suppression.\n"
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"Impossible de savoir si l'utilisateur était connecté sur cette plateforme"
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr "Erreur en vérifiant si l'utilisateur était connecté\n"
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "La commande post-suppression a échoué : %1$s\n"
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"Le répertoire personnel n'est pas supprimé - l'utilisateur n'en est pas le "
"propriétaire\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Impossible de supprimer le répertoire utilisateur : %1$s\n"
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Aucun utilisateur dans le domaine local. La suppression des utilisateurs "
"n'est autorisée que dans le domaine local.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Erreur interne. Impossible de supprimer l'utilisateur.\n"
@@ -1664,100 +1685,100 @@ msgstr ""
"Impossible de trouver l'utilisateur dans le domaine local, la modification "
"des utilisateurs n'est autorisée que dans le domaine local\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"Impossible de modifier l'utilisateur - vérifiez que les noms de groupe sont "
"corrects\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
"Impossible de modifier l'utilisateur - l'utilisateur est déjà membre du "
"groupe ?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Erreur de transaction. Impossible de modifier l'utlisateur.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr "Aucun object trouvé dans le cache pour la recherche spécifiée\n"
-#: src/tools/sss_cache.c:201
-#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+#: src/tools/sss_cache.c:325
+#, fuzzy, c-format
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr "Aucun %1$s nommé %2$s, on passe\n"
-#: src/tools/sss_cache.c:204
-#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+#: src/tools/sss_cache.c:328
+#, fuzzy, c-format
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr "Aucun objet de type %1$s dans le cache, on passe\n"
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Impossible d'invalider %1$s"
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Impossible d'invalider %1$s %2$s"
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr "Invalider un utilisateur spécifique"
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr "Invalider tous les utilisateurs"
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr "Invalider un groupe particulier"
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr "Invalider tous les groupes"
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr "Invalider un groupe réseau particulier"
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr "Invalider tous les groupes réseau"
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr "Invalidation d'un service particulier"
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr "Invalidation de tous les services"
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr "Invalidation d'une carte autofs particulière"
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr "Invalidation de toutes les cartes autofs"
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr "N'invalider des entrées que d'un domaine spécifique"
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr "Merci de sélectionner au moins un objet à invalider\n"
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr "Impossible d'ouvrir le domaine %1$s\n"
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr "Impossible d'ouvrir aucun des domaines disponibles\n"
@@ -1769,7 +1790,16 @@ msgstr "\n"
msgid "Specify debug level you want to set\n"
msgstr "Définir le niveau de débogage à utiliser\n"
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Mémoire saturée\n"
@@ -1778,8 +1808,11 @@ msgstr "Mémoire saturée\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s doit être lancé en tant que root\n"
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
"Envoyer la sortie de débogage vers un fichier plutôt que vers la sortie "
"standard"
+
+#~ msgid "SSSD is already running\n"
+#~ msgstr "SSSD est déjà en cours d'exécution\n"
diff --git a/po/hu.po b/po/hu.po
index 7dc1da8b8..ddf57dc50 100644
--- a/po/hu.po
+++ b/po/hu.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Hungarian <trans-hu@lists.fedoraproject.org>\n"
@@ -255,827 +255,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA-tartomány"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "IPA kiszolgáló címe"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "IPA kliens hosztneve"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Kerberos-kiszolgáló címe"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Kerberos-tartomány"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "Alapértelmezett LDAP alap-DN-je"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "TLS tanusítvány ellenőrzése"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "TLS megkövetelése ID keresésekor"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "GECOS attribútum"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Teljes név"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Csoport neve"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Csoport jelszava"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "Mikroszekundum pontosságú időbélyegek"
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1143,10 +1153,10 @@ msgstr "A jelszava lejárt, változtass meg most."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1156,10 +1166,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1238,22 +1248,22 @@ msgid "Specify user to add\n"
msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1274,7 +1284,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Nem lehet beállítani az alapértékeket\n"
@@ -1282,7 +1292,7 @@ msgstr "Nem lehet beállítani az alapértékeket\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "A megadott UID kívül esik a megengedett tartományon\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1342,22 +1352,30 @@ msgstr ""
msgid "Transaction error. Could not add group.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr ""
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr ""
@@ -1395,131 +1413,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Ne törölje a saját könyvtárat és a helyi levelezést"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Nem a felhasználó tulajdonában lévő fájlok törlése"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr "Felhasználó programjainak kilövése az eltávolítás előtt"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Adja meg a törlendő felhasználót\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Belső hiba történt, nem lehetett eltávolítani a felhasználót.\n"
@@ -1553,96 +1571,96 @@ msgid ""
"domain\n"
msgstr ""
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Tranzakcióhiba történt, a felhasználó nem módosítható.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1654,7 +1672,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Elfogyott a memória\n"
@@ -1663,6 +1690,6 @@ msgstr "Elfogyott a memória\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/id.po b/po/id.po
index 63b1262d2..96d9e3588 100644
--- a/po/id.po
+++ b/po/id.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Indonesian <trans-id@lists.fedoraproject.org>\n"
@@ -254,827 +254,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "Domain IPA"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "Alamat server IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "Nama host klien IPA"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Alamat server Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Realm Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI server LDAP"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Lamanya waktu untuk mencoba koneksi"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Membutuhkan verifikasi sertifikat TLS"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Tentukan mekanisme sasl yang digunakan"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Tentukan id otorisasi sasl yang digunakan"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Keytab layanan Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Lingkup pencarian pengguna"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Filter pencarian pengguna"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Objectclass untuk pengguna"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Atribut GID Primer"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "Atribut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Atribut direktori Home"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Atribut Shell"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "Atribut UUID"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Atribut utama pengguna (untuk Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Nama Lengkap"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "Atribut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Atribut waktu modifikasi"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Shell default, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1142,10 +1152,10 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1155,10 +1165,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1237,22 +1247,22 @@ msgid "Specify user to add\n"
msgstr "Tentukan pengguna untuk ditambahkan\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Gagal saat menginisialisasi perkakas\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Domain yang ditentukan dalam FQDN tidak valid\n"
@@ -1273,7 +1283,7 @@ msgstr "Grup harus berada dalam domain yang sama dengan pengguna\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Tidak dapat menetapkan nilai default\n"
@@ -1281,7 +1291,7 @@ msgstr "Tidak dapat menetapkan nilai default\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "UID yang dipilih berada di luar rentang yang diizinkan\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1340,16 +1350,24 @@ msgstr "Grup dengan nama atau GID yang sama sudah ada\n"
msgid "Transaction error. Could not add group.\n"
msgstr "Kesalahan transaksi. Tidak dapat menambahkan grup.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr ""
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1357,7 +1375,7 @@ msgstr ""
"Tidak ada grup seperti itu di domain lokal. Menghapus grup hanya "
"diperbolehkan dalam domain lokal.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Kesalahan internal. Tidak dapat menghapus grup.\n"
@@ -1399,134 +1417,134 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Tidak bisa memodifikasi grup - periksa apakah nama grup anggota sudah benar\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr "Tidak bisa memodifikasi grup - periksa apakah groupname sudah benar\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Kesalahan transaksi. Tidak bisa memodifikasi grup.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Hapus direktori home, dan spool mail"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Jangan hapus direktori home dan spool mail"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Paksa penghapusan berkas yang tidak dimiliki oleh pengguna"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Tentukan pengguna yang akan dihapus\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr "Tidak menghapus home dir - tidak dimiliki oleh pengguna\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Tidak ada pengguna seperti itu di domain lokal. Menghapus pengguna hanya "
"diperbolehkan dalam domain lokal.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Kesalahan internal. Tidak dapat menghapus pengguna.\n"
@@ -1562,98 +1580,98 @@ msgstr ""
"Tidak dapat menemukan pengguna dalam domain lokal, memodifikasi pengguna "
"hanya diperbolehkan dalam domain lokal\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"Tidak bisa memodifikasi pengguna - periksa apakah nama grup sudah benar\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
"Tidak bisa memodifikasi pengguna - pengguna sudah menjadi anggota kelompok?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Kesalahan transaksi. Pengguna tidak dapat dimodifikasi.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1665,7 +1683,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Kehabisan memori\n"
@@ -1674,6 +1701,6 @@ msgstr "Kehabisan memori\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/it.po b/po/it.po
index ff4a6e2d1..eee64736b 100644
--- a/po/it.po
+++ b/po/it.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Italian <trans-it@lists.fedoraproject.org>\n"
@@ -258,834 +258,844 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Mostrare utenti/gruppi in formato fully-qualified"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Durata timeout elementi in cache (secondi)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringere o preferire una specifica famiglia di indirizzi per l'esecuzione "
"di lookup DNS"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Per quanto tempo tenere in cache gli elementi dopo un login che ha avuto "
"successo (giorni)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr "Il tempo di attesa per le richieste DNS (secondi)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "Dominio IPA"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "Indirizzo del server IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "Hostname del client IPA"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"L'interfaccia il cui indirizzo IP dovrebbe essere usato per aggiornamenti "
"DNS dinamici."
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Indirizzo del server Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Realm Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Timeout di autenticazione"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "Directory in cui salvare le credenziali"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Percorso della cache delle credenziali utente"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Percorso del keytab per la validazione delle credenziali"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Abilita la validazione delle credenziali"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr "Intervallo di tempo tra due controlli di rinnovo"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "Abilita FAST"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Server dove viene eseguito il servizio di cambio password, se non nel KDC"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, l'indirizzo del server LDAP"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "Il base DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "Il bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "Il tipo di token di autenticazione del bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "Il token di autenticazione del bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Durata del tentativo di connessione"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr "Durata tra tentativi di riconnessione quando offline"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr "Usare solo maiuscole per i nomi dei realm"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "File contenente i certificati CA"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Percorso della directory dei cerficati della CA"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr "File contenente il certificato client"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr "File contenente la chiave client"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr "Lista delle possibili cipher suite"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Richiedere la verifica del certificato TLS"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Specificare il meccanismo sasl da usare"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Specificare l'id di autorizzazione sasl da usare"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Keytab del servizio Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Usare autorizzazione Kerberos per la connessione LDAP"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Seguire i referral LDAP"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr "Metodo di deferenziazione degli alias"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Durata attesa per le richieste di ricerca"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Durata tra gli aggiornamenti alle enumeration"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr "Intervallo di tempo per la pulizia cache"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "Richiedere TLS per gli ID lookup"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "Base DN per i lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Ambito di applicazione dei lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Filtro per i lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Objectclass per gli utenti"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Attributo del GID primario"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "Attributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Attributo della home directory"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Attributo della shell"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "Attributo UUID"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Attributo user principal (per Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Nome completo"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "Attributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Attributo data di modifica"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Politica per controllare la scadenza della password"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "Filtro LDAP per determinare i privilegi di accesso"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Lista separata da virgola degli utenti abilitati"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Lista separata da virgola degli utenti non abilitati"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Shell predefinita, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Base delle home directory"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "Il nome della libreria NSS da usare"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "Stack PAM da usare"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Esegui come demone (default)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Esegui interattivamente (non come demone)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Specificare un file di configurazione specifico"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Livello debug"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Includi timestamp di debug"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Un descrittore di file aperto per l'output di debug"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del provider di informazioni (obbligatorio)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Il socket privilegiato ha permessi o propritario non validi."
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr "Il socket pubblico ha permessi o propritario non validi."
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr "SSSD non è eseguito da root."
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1153,10 +1163,10 @@ msgstr "Password scaduta. Cambiare la password ora."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Il livello di debug da utilizzare"
@@ -1166,10 +1176,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "Errore di impostazione del locale\n"
@@ -1248,22 +1258,22 @@ msgid "Specify user to add\n"
msgstr "Specificare un utente da aggiungere\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Errore durante l'inizializzazione degli strumenti - nessun dominio\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Errore durante l'inizializzazione degli strumenti\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Il dominio specificato nel FQDN non è valido\n"
@@ -1284,7 +1294,7 @@ msgstr "I gruppi devono essere nello stesso dominio dell'utente\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Impossibile impostare i valori predefiniti\n"
@@ -1292,7 +1302,7 @@ msgstr "Impossibile impostare i valori predefiniti\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "L'UID specificato non rientra nel range permesso\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1352,16 +1362,24 @@ msgstr "Gruppo con lo stesso nome o GID già esistente\n"
msgid "Transaction error. Could not add group.\n"
msgstr "Errore della transazione. Impossibile aggiungere il gruppo.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Specificare il gruppo da eliminare\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1369,7 +1387,7 @@ msgstr ""
"Gruppo non presente nel dominio locale. L'eliminazione di gruppi è permessa "
"solo nel dominio locale.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Errore interno. Impossibile rimuovere il gruppo.\n"
@@ -1410,64 +1428,64 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Impossibile modificare il gruppo - controllare che i nomi dei gruppi siano "
"corretti\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"Impossibile modificare il gruppo - controllare che il nome del gruppo sia "
"corretto\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Errore della transazione. Impossibile modificare il gruppo.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "Magic Private "
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Mostra ricorsivamente i membri indiretti del gruppo"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Specificare il gruppo da mostrate\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1475,74 +1493,74 @@ msgstr ""
"Gruppo non presente nel dominio locale. La stampa dei gruppi è permessa solo "
"nel dominio locale.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Errore interno. Impossibile stampare il gruppo.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Eliminare home directory e spool di mail"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Non eliminare la home directory e lo spool di mail"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Forza la rimozione dei file non di proprietà dell'utente"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Specificare l'utente da cancellare\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr "Home directory non eliminata - non appartiene all'utente\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Utente non presente nel dominio locale. L'eliminazione degli utenti è "
"permessa solo nel dominio locale.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Errore interno. Impossibile rimuovere l'utente.\n"
@@ -1578,98 +1596,98 @@ msgstr ""
"Utente non presente nel dominio locale. La modifica degli utenti è permessa "
"solo nel dominio locale.\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"Impossibile modificare l'utente - controllare che i nomi dei gruppi siano "
"corretti\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr "Impossibile modificare l'utente - utente già membro di gruppi?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Errore nella transazione. Impossibile modificare l'utente.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1681,7 +1699,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Memoria esaurita\n"
@@ -1690,6 +1717,6 @@ msgstr "Memoria esaurita\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "Redirigere l'output di debug su file anzichè stderr"
diff --git a/po/ja.po b/po/ja.po
index ab5eefbd2..4167a01ea 100644
--- a/po/ja.po
+++ b/po/ja.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-09 07:17+0000\n"
"Last-Translator: Tomoyuki KATO <tomo@dream.daynight.jp>\n"
"Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n"
@@ -261,292 +261,308 @@ msgid "Display users/groups in fully-qualified form"
msgstr "ユーザー・グループを完全修飾形式で表示する"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "エントリーキャッシュのタイムアウト長(秒)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr "DNS 検索を実行するときに特定のアドレスファミリーを制限または優先します"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr "最終ログイン成功時からキャッシュエントリーを保持する日数"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr "サーバーを名前解決するときに DNS から応答を待つ時間(秒)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr "サービス検索 DNS クエリーのドメイン部分"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr "識別プロバイダーからの GID 値をこの値で上書きする"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr "ユーザー名が大文字小文字を区別するよう取り扱う"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA ドメイン"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "IPA サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr "バックアップ IPA サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "IPA クライアントのホスト名"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "動的 DNS 更新のために使用される IP のインターフェース"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr "HBAC 関連オブジェクトの検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+#, fuzzy
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間"
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "DENY ルールが存在すると、DENY_ALL または IGNORE です"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "もし偽に設定されていると、 PAM により渡されたホスト引数は無視されます"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr "この IPA クライアントが使用している automounter の場所"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr "IPA ドメインに関する情報を含むオブジェクトに対する検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr "ID 範囲に関する情報を含むオブジェクトに対する検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr "Active Directory ドメイン"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr "Active Directory サーバーアドレス"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr "Active Directory バックアップサーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr "Active Directory クライアントホスト名"
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Kerberos サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr "Kerberos バックアップサーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Kerberos レルム"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "認証のタイムアウト"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "クレディンシャルのキャッシュを保存するディレクトリー"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "ユーザーのクレディンシャルキャッシュの位置"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "クレディンシャルを検証するキーテーブルの場所"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "クレディンシャルの検証を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr "後からオンライン認証するためにオフラインの場合にパスワードを保存します"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr "更新可能な TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr "TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr "更新を確認する間隔"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "FAST を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr "FAST に使用するプリンシパルを選択する"
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr "プリンシパル正規化を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr "KDC になければ、パスワード変更サービスが実行されているサーバー"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "デフォルトのベース DN"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "LDAP サーバーにおいて使用中のスキーマ形式, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "デフォルトのバインド DN"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "デフォルトのバインド DN の認証トークンの種類"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "デフォルトのバインド DN の認証トークン"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "接続を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "LDAP 同期操作を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr "オフラインの間に再接続を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr "レルム名に対して大文字のみを使用する"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "CA 証明書を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "CA 証明書のディレクトリーのパス"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr "クライアント証明書を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr "クライアントの鍵を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr "利用可能な暗号の一覧"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "TLS 証明書の検証を要求する"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "使用する SASL メカニズムを指定する"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "使用する SASL 認可 ID を指定する"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr "使用する SASL 認可レルムを指定する"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "LDAP SASL 認可の最小 SSF を指定する"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Kerberos サービスのキーテーブル"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "LDAP 接続に対して Kerberos 認証を使用する"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "LDAP リフェラルにしたがう"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr "LDAP 接続の TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr "エイリアスを参照解決する方法"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr "DNS サービス検索のサービス名"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr "単一の LDAP 問い合わせにおいて取得するレコード数"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr "完全な参照解決を引き起こすために欠けている必要があるメンバーの数"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -554,360 +570,360 @@ msgstr ""
"LDAP ライブラリーが SASL バインド中にホスト名を正規化するために逆引きを実行す"
"るかどうか"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr "entryUSN 属性"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr "lastUSN 属性"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "LDAP サーバーを切断する前に接続を保持する時間"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr "LDAP ページング制御を無効化する"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "検索要求を待つ時間"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr "列挙の要求を待つ時間"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "列挙の更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr "キャッシュをクリーンアップする間隔"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "ID 検索に TLS を要求する"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "事前設定済み ID の代わりに objectSID の ID マッピングを使用します"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "ユーザー検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "ユーザー検索の範囲"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "ユーザー検索のフィルター"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "ユーザーのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "ユーザー名の属性"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "UID の属性"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "プライマリー GID の属性"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "GECOS の属性"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "ホームディレクトリの属性"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "シェルの属性"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "UUID の属性"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr "objectSID 属性"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "ID マッピングの Active Directory プライマリーグループ属性"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "ユーザープリンシパルの属性(Kerberos 用)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "氏名"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "memberOf 属性"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr "shadowLastChange 属性"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr "shadowMin 属性"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr "shadowMax 属性"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr "shadowWarning 属性"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr "shadowInactive 属性"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr "shadowExpire 属性"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr "shadowFlag 属性"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr "認可された PAM サービスを一覧化する属性"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr "認可されたサーバーホストを一覧化する属性"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange 属性"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration 属性"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr "サーバー側パスワードポリシーが有効であることを意味する属性"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr "AD の accountExpires 属性"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr "AD の userAccountControl 属性"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr "nsAccountLock 属性"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr "NDS の loginDisabled 属性"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr "NDS の loginExpirationTime 属性"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "NDS の loginAllowedTimeMap 属性"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr "SSH 公開鍵の属性"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr "グループ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr "グループのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "グループ名"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "グループのパスワード"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "GID 属性"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr "グループメンバー属性"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr "グループ UUID 属性"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr "グループの変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr "SSSd がしたがう最大入れ子レベル"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr "ネットグループ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr "ネットグループのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr "ネットグループ名"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr "ネットグループメンバーの属性"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr "ネットグループの三つ組の属性"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr "ネットグループ UUID の属性"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr "ネットグループの変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr "サービス検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr "サービスのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr "サービス名の属性"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr "サービスポートの属性"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr "サービスプロトコルの属性"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr "ID マッピングの下限"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr "ID マッピングの上限"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr "ID マッピングするとき、各スライスに対する ID の数"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "ID マッピングに対する autorid 互換アルゴリズムを使用します"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr "ID マッピングに対するデフォルトドメインの名前"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr "ID マッピングに対するデフォルトドメインの SID"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "グループ検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "初期グループの検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "パスワード失効の評価のポリシー"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "アクセス権限を決めるための LDAP フィルター"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "どの属性がアカウントが失効しているかを評価するために使用されるか"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr "どのルールがアクセス制御を評価するために使用されるか"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr "パスワードの変更が許可される LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "パスワードの変更が許可されるバックアップ LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr "LDAP パスワードの変更サーバーの DNS サービス名"
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr "パスワード変更後 ldap_user_shadow_last_change 属性を更新するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr "sudo ルール検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr "自動的な完全更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr "自動的なスマート更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"ホスト名、IP アドレスおよびネットワークによるフィルタールールを使用するかどう"
"か"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -915,181 +931,177 @@ msgstr ""
"sudo ルールをフィルターするこのマシンのホスト名および/または完全修飾ドメイン"
"名"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"sudo ルールをフィルターするこのマシンの IPv4 または IPv6 アドレスまたはネット"
"ワーク"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr "ホスト属性にネットワークグループを含むルールを含めるかどうか"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr "ホスト属性に正規表現を含むルールを含めるかどうか"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr "sudo ルールのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr "sudo ルール名"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr "sudo ルールのコマンドの属性"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr "sudo ルールのホストの属性"
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr "sudo ルールのユーザーの属性"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr "sudo ルールのオプションの属性"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr "sudo ルールの runasuser の属性"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr "sudo ルールの runasgroup の属性"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr "sudo ルールの notbefore の属性"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr "sudo ルールの notafter の属性"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr "sudo ルールの order の属性"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr "automounter マップのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr "オートマウントのマップ名の属性"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr "automounter マップエントリーのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr "automounter マップエントリーのキー属性"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr "automounter マップエントリーの値属性"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr "automonter のマップ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "許可ユーザーのカンマ区切り一覧"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "禁止ユーザーのカンマ区切り一覧"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "デフォルトのシェル, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "ホームディレクトリーのベース"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "使用する NSS ライブラリーの名前"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr "可能ならばキャッシュから正規化されたグループ名を検索するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "使用する PAM スタック"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "デーモンとして実行(デフォルト)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "対話的に実行(デーモンではない)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "非標準の設定ファイルの指定"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr "バージョン番号を表示して終了する"
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr "SSSD はすでに動作中です\n"
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "デバッグレベル"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "デバッグのタイムスタンプを追加する"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "タイムスタンプをミリ秒単位で表示する"
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "デバッグログのオープンファイルディスクリプター"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "情報プロバイダーのドメイン (必須)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr "特権ソケットの所有者またはパーミッションが誤っています。"
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr "公開ソケットの所有者またはパーミッションが誤っています。"
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr "サーバーのクレディンシャルメッセージの予期しない形式です。"
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr "SSSD は root により実行されません。"
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr "エラーが発生しましたが、説明がありませんでした。"
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr "エラーの説明を検索中に予期しないエラーが発生しました"
@@ -1157,10 +1169,10 @@ msgstr "パスワードの期限が切れました。いますぐパスワード
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "実行するデバッグレベル"
@@ -1170,10 +1182,10 @@ msgid "The SSSD domain to use"
msgstr "使用する SSSD ドメイン"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "ロケールの設定中にエラーが発生しました\n"
@@ -1252,23 +1264,23 @@ msgid "Specify user to add\n"
msgstr "追加するユーザーを指定してください\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
"ツールを初期化中にエラーが発生しました - ローカルドメインがありません\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "ツールを初期化中にエラーが発生しました\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "FQDN で指定されたドメインが無効です\n"
@@ -1289,7 +1301,7 @@ msgstr "グループがユーザーと同じドメインになければいけま
msgid "Cannot find group %1$s in local domain\n"
msgstr "ローカルドメインにグループ %1$s を見つけられません\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "デフォルト値を設定できません\n"
@@ -1297,7 +1309,7 @@ msgstr "デフォルト値を設定できません\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "選択された UID は許容される範囲を越えています\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr "SELinux ログインコンテキストを設定できません\n"
@@ -1357,16 +1369,24 @@ msgstr "同じ名前または GID を持つグループがすでに存在しま
msgid "Transaction error. Could not add group.\n"
msgstr "トランザクションエラー。グループを追加できませんでした。\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "削除するグループを指定してください\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr "グループ %1$s はドメインに対して定義された ID の範囲を越えています\n"
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1374,7 +1394,7 @@ msgstr ""
"そのようなグループはローカルドメインにありません。グループの削除はローカルド"
"メインにおいてのみ許可されます。\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "内部エラー。グループを削除できませんでした。\n"
@@ -1416,41 +1436,41 @@ msgstr ""
"ローカルドメインにグループ %1$s が見つかりません。ローカルドメインにあるグ"
"ループのみが許可されます\n"
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"グループを変更できませんでした - メンバーグループ名が正しいかを確認してくださ"
"い\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"グループを変更できませんでした - グループ名が正しいかを確認してください\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "トランザクションエラー。グループを変更できませんでした。\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr "%1$s%2$s グループ: %3$s\n"
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "マジックプライベート "
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr "%1$s GID 番号: %2$d\n"
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr "%1$s メンバーユーザー: "
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
@@ -1459,7 +1479,7 @@ msgstr ""
"\n"
"%1$s は次のメンバー: "
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
@@ -1468,15 +1488,15 @@ msgstr ""
"\n"
"%1$s メンバーグループ: "
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "間接グループメンバーを再帰的に表示する"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "表示するグループを指定してください\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1484,77 +1504,77 @@ msgstr ""
"そのようなグループはローカルドメインにありません。グループの表示はローカルド"
"メインにおいてのみ許可されます。\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "内部エラー。グループを表示できませんでした。\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "ホームディレクトリーとメールスプールを削除する"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "ホームディレクトリーとメールスプールを削除しない"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "ユーザーにより所有されていないファイルの強制削除"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr "ユーザーを削除する前にそのユーザーのプロセスを強制停止する"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "削除するユーザーを指定する\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr "ユーザー %1$s はドメインに対して定義された ID の範囲を超えています\n"
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr "SELinux ログインコンテキストをリセットできません\n"
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"警告: ユーザー (uid %1$lu) が削除されたときにまだログインしていました。\n"
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"ユーザーがこのプラットフォームにログインしていたかを確認できませんでした"
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr "ユーザーがログインしていたかを確認中にエラーが発生しました\n"
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "削除後コマンドの実行に失敗しました: %1$s\n"
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"ホームディレクトリーを削除していません - ユーザーにより所有されていません\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "ホームディレクトリーを削除できません: %1$s\n"
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"そのようなユーザーはローカルドメインにいません。ユーザーの削除はローカルドメ"
"インにおいてのみ許可されます。\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "内部エラー。ユーザーを削除できませんでした。\n"
@@ -1590,98 +1610,98 @@ msgstr ""
"ローカルドメインにユーザーを見つけられません。ユーザーの変更はローカルドメイ"
"ンにおいてのみ許可されます。\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"ユーザーを変更できませんでした - グループ名が正しいかを確認してください\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
"ユーザーを変更できませんでした - ユーザーはすでにグループのメンバーですか?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "トランザクションエラー。ユーザーを変更できませんでした。\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr "指定された検索に一致するキャッシュオブジェクトがありません\n"
-#: src/tools/sss_cache.c:201
-#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+#: src/tools/sss_cache.c:325
+#, fuzzy, c-format
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr "%2$s という名前の %1$s はありません、スキップします\n"
-#: src/tools/sss_cache.c:204
-#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+#: src/tools/sss_cache.c:328
+#, fuzzy, c-format
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr "キャッシュに形式 %1$s のオブジェクトがありません、スキップします\n"
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "%1$s を無効化できませんでした"
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "%1$s %2$s を無効化できませんでした"
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr "特定のユーザーを無効にする"
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr "すべてのユーザーを無効にする"
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr "特定のグループを無効にする"
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr "すべてのグループを無効にする"
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr "特定のネットワークグループを無効にする"
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr "すべてのネットワークグループを無効にする"
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr "特定のサービスの無効化"
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr "すべてのサービスの無効化"
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr "特定の autofs マップの無効化"
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr "すべての autofs マップの無効化"
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr "特定のドメインのみからエントリーを無効にする"
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr "無効化するオブジェクトを少なくとも一つ選択してください\n"
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr "ドメイン %1$s を開けませんでした\n"
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr "利用可能なドメインを開けませんでした\n"
@@ -1693,7 +1713,16 @@ msgstr "\n"
msgid "Specify debug level you want to set\n"
msgstr "設定したいデバッグレベルを指定する\n"
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "メモリー不足\n"
@@ -1702,6 +1731,9 @@ msgstr "メモリー不足\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s は root として実行する必要があります\n"
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "デバッグ出力を標準エラーの代わりにファイルに送信する"
+
+#~ msgid "SSSD is already running\n"
+#~ msgstr "SSSD はすでに動作中です\n"
diff --git a/po/nb.po b/po/nb.po
index 3c68ff808..d983547e1 100644
--- a/po/nb.po
+++ b/po/nb.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n"
@@ -255,827 +255,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA-domene"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "IPA-tjeneradresse"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "Vertsnavn for IPA-klient"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Tjeneradresse for Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Kerberos-område"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Tidsavbrudd for autentisering"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1143,10 +1153,10 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1156,10 +1166,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1238,22 +1248,22 @@ msgid "Specify user to add\n"
msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1274,7 +1284,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr ""
@@ -1282,7 +1292,7 @@ msgstr ""
msgid "The selected UID is outside the allowed range\n"
msgstr ""
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1340,22 +1350,30 @@ msgstr ""
msgid "Transaction error. Could not add group.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr ""
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr ""
@@ -1393,131 +1411,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1551,96 +1569,96 @@ msgid ""
"domain\n"
msgstr ""
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr ""
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1652,7 +1670,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr ""
@@ -1661,6 +1688,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/nl.po b/po/nl.po
index 72797d51b..bc365475d 100644
--- a/po/nl.po
+++ b/po/nl.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-07 14:53+0000\n"
"Last-Translator: Geert Warrink <geert.warrink@onsnet.nu>\n"
"Language-Team: Dutch (http://www.transifex.com/projects/p/fedora/language/"
@@ -283,311 +283,329 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Laat gebruikers/groepen in volledige vorm zien"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Entry cache timeout duur (in seconden)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Beperk of geef de voorkeur aan een specifieke adresfamilie wanneer er DNS-"
"lookups uitgevoerd worden"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Hoe lang blijven gegevens opgeslagen na een succesvolle login (in dagen)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Hoe lang te wachten op antwoord van de DSN bij het opzoeken van servers (in "
"seconden)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr "Het domeingedeelte van DNS queries die service discovery uitvoeren"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr "Overschrijf GID waarde van de identiteit aanbieder met deze waarde"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr "Behandel gebruikersnamen als hoofdlettergevoelig"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA-domein"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "IPA-serveradres"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr "Adres van back-up IPA server"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "IPA-clienthostname"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in "
"FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+"Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in "
+"FreeIPA"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"De adapter wiens IP-adres gebruikt moet worden voor het dynamisch bijwerken "
"van de DNS"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr "Zoek basis voor HBAC gerelateerde objecten"
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+#, fuzzy
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server"
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Als DENY regels aanwezig zijn, dat DENY_ALL of IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Als dit op false ingesteld is, wordt het host argument gegeven door PAM "
"genegeerd"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr "De automounter locatie die door deze IPA client wordt gebruikt"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr "Zoek in base voor object die info over IPA domein bevat "
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr "Zoek in base voor objecten die info over ID bereiken bevat"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr "Active Directory domein"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr "Active Directory server adres"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr "Active Directory back-up server adres"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr "Active Directory cliënt hostnaam"
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Kerberos-serveradres"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr "Kerberos back-up server adres"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Kerberos-rijk"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Authenticatie timeout"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "Werkmap waar authenticatiegegevens opgeslagen worden"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Locatie van de authenticatiecache van de gebruiker"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Locatie van de keytab om authenticatiegegevens te valideren"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Schakel authenticatiegegevensvalidatie in"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
"Sla het wachtwoord op indien offline voor later gebruik bij online "
"authenticatie"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr "Vernieuwbare levensduur van de TGT"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr "Levensduur van de TGT"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr "Tijd tussen twee checks voor vernieuwing"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "Zet FAST aan"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr "Selecteert de hoofdpersoon te gebruiken voor FAST "
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr "Zet hoofdpersoon sanctioneren aan"
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Server waar het wachtwoord wijzigingsservice draait indien niet op de KDC"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, de URI van de LDAP server"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, De URI van de LDAP server"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "De standaard base DN"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "De standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "Het type authenticatietoken van de standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "Het authenticatietoken van de standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Hoe lang pogen te verbinden"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Hoe lang proberen synchroon LDAP te benaderen"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Duur tussen pogingen om de verbinding opnieuw tot stand te brengen tijdens "
"offline zijn"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr "Gebruik alleen hoofdletters voor gebiedsnamen"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "Bestand dat de bekende CA-certificaten bevat"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Pad naar de CA-certificatenmap"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr "Bestand dat het client certificaat bevat"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr "Bestand dat de client sleutel bevat"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr "Lijst van mogelijke sleutel suites"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Vereis verificatie van het TLS-certificaat"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr "Specificeer het te gebruiken sasl autorisatiegebied "
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Kerberos service keytab"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Volg LDAP-doorverwijzingen"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr "Levensduur van TGT voor LDAP-connectie"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr "Hoe moet de alias referentie verwijderd worden"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr "Service naam voor DNS service opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
"Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Het aantal leden van moet ontbreken om een volledige de-referentie te "
"veroorzaken"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -595,342 +613,342 @@ msgstr ""
"Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te "
"autoriseren tijdens een SASL binding"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr "entryUSN attribuut"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr "lastUSN attribuut"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat het "
"losgekoppeld wordt"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr "Het LDAP paging besturingselement uitschakelen"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Tijd om te wachten op een zoekopdracht"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr "Tijdsduur te wachten voor een opsommingsverzoek"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Tijd om te wachten tussen enumeratie-updates"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr "Tijdsduur tussen cache opschoningen"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "Vereis TLS voor het opzoeken van ID's"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "Base DN voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Scope voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Filter voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Objectclass voor gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Username-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "UID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Primair GID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "GECOS-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Gebruikersmap-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Shell-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "UUID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr "objectSID attribuut"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Active Directory primaire groep attribuut voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Userprincipal-attribuut (voor Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Volledige naam"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "memberOf-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Modification time-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr "shadowLastChange attribuut"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr "shadowMin attribuut"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr "shadowMax attribuut"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr "shadowWarning attribuut"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr "shadowInactive attribuut"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr "shadowExpire attribuut"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr "shadowFlag attribuut"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr "Attribuut voor tonen van geautoriseerde PAM services"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr "Attribuut dat geautoriseerde server hosts toont"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange attribuut"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration attribuut"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr "accountExpires attribuut van AD"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr "userAccountControl attribuut van AD"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr "nsAccountLock attribuut"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr "loginDisabled attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr "loginExpirationTime attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "loginAllowedTimeMap attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr "SSH publieke sleutel attribuut"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr "Basis DN voor groep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr "Objectklasse voor groepen"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Groepsnaam"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Groep wachtwoord"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "GID attribuut"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr "Groep deelnemer attribuut"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr "Groep UUID attribuut"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr "Verandertijd attribuut voor groepen"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr "Maximale nest niveau dat SSSd zal volgen"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr "Basis DN voor netgroep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr "Objectklasse voor netgroepen"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr "Netgroep naam"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr "Netgroep leden attribuut"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr "Netgroep triple attibuut"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr "Netgroep UUID attibuut"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr "Verandertijd attribuut voor netgroepen"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr "Basis DN voor service lookups"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr "Objectclass voor services"
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr "Service naam attribuut"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr "Service port attribuut"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr "Service protocol attribuut"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr "Ondergrens voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr "Bovengrens voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Aantal ID's voor elk segment bij ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr "Naam van het standaard domein voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr "SID van het standaard domein voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor groep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor initgroep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Policy om wacthwoordverloop mee te evalueren"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "LDAP-filter om toegangsprivileges mee te bepalen"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Welke attributen worden gebruikt voor evaluatie als het account verlopen is"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
"Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
"URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
"URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan zijn"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr "DNS service naam voor LDAP wachtwoord verander server"
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -938,23 +956,23 @@ msgstr ""
"Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een "
"wachtwoordwijziging"
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr "Basis DN voor sudo regels lookups"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr "Automatische volledige ververs periode"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr "Automatische slimme ververs periode"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -962,185 +980,181 @@ msgstr ""
"Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine voor "
"het filteren van sudo regels"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van sudo "
"regels"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Moeten regels toegevoegd worden die netgroep bevatten in host attribuut "
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Moeten regels toegevoegd worden die regulaire expressie bevatten in host "
"attribuut "
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr "Objectklasse voor sudo regels"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr "Sudo regelnaam"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr "Sudo regel opdracht attribuut"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr "Sudo regel host attribuut"
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr "Sudo regel gebruiker attribuut"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr "Sudo regel optie attribuut"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr "Sudo regel runasuser attribuut"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr "Sudo regel runasgroup attribuut"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr "Sudo regel notbefore attribuut"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr "Sudo regel notafter attribuut"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr "Sudo regel volgorde attribuut"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr "Object class voor automounter maps"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr "Automounter map naam attribuut"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr "Objectklasse voor automounter map ingaven"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr "Automounter map sleutel ingave attribuut"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr "Automounter map ingavewaarde attribuut"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr "Basis DN voor automounter kaart opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Kommagescheiden lijst van toegestane gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Kommagescheiden lijst van geweigerde gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Standaard shell, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Basis voor gebruikersmappen"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "De naam van de NSS-bibliotheek die gebruikt wordt"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden "
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "PAM-stack die gebruikt wordt"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Start in de achtergrond (standaard)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Start interactief (standaard)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Geef een niet-standaard configuratiebestand op"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr "Print versie nummer en sluit af"
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr "SSSD draait al\n"
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Debug niveau"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Voeg tijdstempels toe aan debugberichten"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "Toon tijdstempel met microseconden"
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Een geopend bestand voor de debug logs"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Domein voor de informatie provider (verplicht)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Socket met privileges heeft verkeerde rechten of eigendom."
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr "Publiek socket heeft verkeerde rechten of eigendom."
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr "Onverwacht formaat van het inloggegevensbericht van de server."
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr "SSSD wordt niet door root gestart."
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
"Er is een fout opgetreden, maar er kan geen omschrijving gevonden worden."
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr "Onverwachtte fout bij het opzoeken van een omschrijving"
@@ -1209,10 +1223,10 @@ msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Het debugniveau waarmee gestart wordt"
@@ -1222,10 +1236,10 @@ msgid "The SSSD domain to use"
msgstr "Hrt te gebruiken SSSD domein"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "Fout bij het zetten van de locale\n"
@@ -1304,22 +1318,22 @@ msgid "Specify user to add\n"
msgstr "Geef gebruiker op om toe te voegen\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Fout bij de initialisatie van de tools - geen lokaal domein\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Fout bij de initialisatie van de tools\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Verkeerd domein gespecificeerd in de FQDN\n"
@@ -1343,7 +1357,7 @@ msgstr ""
"Kan groep %1$s niet in lokale domein vinden\n"
"\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Kan de standaardwaarden niet zetten\n"
@@ -1351,7 +1365,7 @@ msgstr "Kan de standaardwaarden niet zetten\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "De geselecteerde UID valt buiten het toegestane bereik\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr "Kan de SELinux login context niet zetten\n"
@@ -1409,16 +1423,24 @@ msgstr "Een groep met een zelfde naam of GID bestaat reeds\n"
msgid "Transaction error. Could not add group.\n"
msgstr "Transactiefout. Kan de groep niet toevoegen\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Geef groep op om te verwijderen\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr "Groep %1$s ligt buiten het gedefinieerde ID gebied voor domein\n"
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1426,7 +1448,7 @@ msgstr ""
"Groep niet gevonden in lokaal domein. Verwijderen van groepen is alleen "
"toegestaan in lokaal domein.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Interne fout. Kan de groep niet verwijden.\n"
@@ -1470,41 +1492,41 @@ msgstr ""
"Kan groep %1$s niet in lokale domein vinden, alleen groepen in lokale domein "
"zijn toegestaan\n"
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Kan de groep niet aanpassen - controleer of de namen van de lidmaatschappen "
"correct zijn\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"Kan de groep niet aanpassen - controleer of de naam van de groep correct is\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Transactiefout. Kan de groep niet aanpassen.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr "%1$s%2$sGroep: %3$s\n"
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "Magic Private "
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr "%1$sGID nummer: %2$d\n"
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr "%1$sLid gebruikers: "
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
@@ -1513,7 +1535,7 @@ msgstr ""
"\n"
"%1$sIs lid van: "
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
@@ -1522,15 +1544,15 @@ msgstr ""
"\n"
"%1$sLid groepen: "
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Geef indirecte groepslidmaatschappen recursief weer"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Specificeer de te tonen groep\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1538,79 +1560,79 @@ msgstr ""
"Groep bestaat niet in het lokale domein. Weergave van groepen is alleen "
"toegestaan in het lokale domein.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Interne fout. Kan de groep niet weergeven.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Verwijder gebruikersmap en postbestand"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Verwijder gebruikersmap en postbestand niet"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr ""
"Forceer het verwijderen van bestanden die niet aan de gebruiker toebehoren"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
"Kill de processen van de gebruiker voordat de gebruiker verwijderd wordt"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Specificeer de te verwijderen gebruiker\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr "Gebruiker %1$s ligt buiten het gedefinieerde ID bereik voor domein\n"
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr "Kan de SELinux logincontext niet herstellen\n"
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"WAARSCHUWING: De gebruiker (uid %1$lu) was nog ingelogd bij het "
"verwijderen.\n"
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr "Kan niet bepalen of de gebruiker was ingelogd op dit platform"
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr "Fout bij het controleren of de gebruiker was ingelogd\n"
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "Het post-verwijder commando mislukte: %1$s\n"
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"De gebruikersmap wordt niet verwijderd - de gebruiker is geen eigenaar\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Kan persoonlijke map niet verwijderen: %1$s\n"
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Gebruiker bestaat niet in het lokale domein. Het verwijderen van gebruikers "
"is alleen in het lokale domein toegestaan.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Interne fout. Kan de gebruiker niet verwijderen.\n"
@@ -1646,99 +1668,99 @@ msgstr ""
"Kan de gebruiker niet vinden in het lokale domein, het aanpassen van "
"gebruikers is alleen toegestaan in het lokale domein\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"Kan de gebruiker niet aanpassen - controleer of de groepsnamen correct zijn\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
"Kan de gebruiker niet aanpassen - is de gebruiker reeds lid van de groepen?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Transactiefout. Kan de gebruiker niet aanpassen.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
"Geen enkel cache object komt overeen met de gespecificeerde zoekopdracht\n"
-#: src/tools/sss_cache.c:201
-#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+#: src/tools/sss_cache.c:325
+#, fuzzy, c-format
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr "Er is geen %1$s met de naam %2$s, wordt overgeslagen\n"
-#: src/tools/sss_cache.c:204
-#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+#: src/tools/sss_cache.c:328
+#, fuzzy, c-format
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr "Er zijn geen objecten met type %1$s in de cache, worden overgeslagen\n"
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Kon %1$s niet ongeldig maken"
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Kon %1$s %2$s niet ongeldig maken"
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr "Maak bepaalde gebruiker ongeldig"
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr "Maak alle gebruikers ongeldig"
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr "Maak bepaalde groep ongeldig"
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr "Maak alle groepen ongeldig"
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr "Maak bepaalde netgroep ongeldig"
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr "Maak alle netgroepen ongeldig"
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr "Maak bepaalde service ongeldig "
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr "Maak alle services ongeldig"
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr "Maak bepaalde autofs map ongeldig"
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr "Maak alle autofs mappen ongeldig"
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr "Maak alleen ingangen van een bepaald domein ongeldig"
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr "Selecteer tenminste een object om ongeldig te maken\n"
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr "Kon domein %1$s niet openen\n"
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr "Kon beschikbare domeinen niet openen\n"
@@ -1750,7 +1772,16 @@ msgstr "\n"
msgid "Specify debug level you want to set\n"
msgstr "Specificeer het debug niveau dat je wilt instellen\n"
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Het geheugen zit vol\n"
@@ -1759,6 +1790,9 @@ msgstr "Het geheugen zit vol\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s moet als root uitgevoerd worden\n"
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "Stuur de debuguitvoer naar bestanden in plaats van stderr"
+
+#~ msgid "SSSD is already running\n"
+#~ msgstr "SSSD draait al\n"
diff --git a/po/pl.po b/po/pl.po
index 4b805f5b0..b7c451d3d 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:48+0000\n"
"Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n"
"Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n"
@@ -276,311 +276,328 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Wyświetla użytkowników/grupy w pełnej formie"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Czas oczekiwania pamięci podręcznej wpisów (sekundy)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Ogranicza lub preferuje podaną rodzinę adresów podczas wykonywania "
"wyszukiwań DNS"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Jak długo utrzymywać wpisy logowania w pamięci podręcznej po ostatnim udanym "
"zalogowaniu (dni)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Jak długo czekać na odpowiedzi od serwera DNS podczas rozwiązywania serwerów "
"(sekundy)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr "Część domeny zapytania DNS wykrywania usługi"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr "Zastępuje wartość GID z dostawcy tożsamości tą wartością"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr "Rozróżnianie wielkości liter w nazwach użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "Domena IPA"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "Adres serwera IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr "Adres zapasowego serwera IPA"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "Nazwa komputera klienta IPA"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+"Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Interfejs, którego adres IP powinien być używany do dynamicznych "
"aktualizacji DNS"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr "Wyszukiwanie podstawy pod kątem obiektów związanych z HBAC"
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+#, fuzzy
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA"
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Jeśli reguły DENY są dostępne, to DENY_ALL lub IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Jeśli ustawiono na fałsz, to parametr komputera podany przez PAM zostanie "
"zignorowany"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr "Położenie automountera, którego używa ten klient IPA"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
"Podstawa wyszukiwania dla obiektów zawierających informacje o domenie IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
"Podstawa wyszukiwania dla obiektów zawierających informacje o zakresach "
"identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr "Domena Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr "Adres serwera Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr "Adres zapasowego serwera Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr "Nazwa komputera klienta Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Adres serwera Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr "Adres zapasowego serwera Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Obszar Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Czas oczekiwania na uwierzytelnienie"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
"Katalog do przechowywania pamięci podręcznych danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Położenie pamięci podręcznej danych uwierzytelniających użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Położenie tablicy kluczy do sprawdzania danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Włącza sprawdzanie danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
"Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia w "
"trybie online"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr "Odnawialny czas trwania TGT"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr "Czas trwania TGT"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr "Czas między dwoma sprawdzaniami odnowy"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "Włącza FAST"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr "Wybiera naczelnika do użycia dla FAST"
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr "Włącza ujednolicanie naczelnika"
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Serwer, w którym jest uruchomiona usługa zmiany haseł, jeśli nie znajduje "
"się w KDC"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, adres URI serwera LDAP"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, adres URI serwera LDAP"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "Domyślna podstawowa DN"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "Domyślne DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "Token uwierzytelniania domyślnego DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Czas do próby połączenia"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Czas do próby synchronicznych działań LDAP"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr "Czas między próbami ponownego połączenia w trybie offline"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr "Użycie tylko małych znaków w nazwach obszarów"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "Plik zawierający certyfikaty CA"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Ścieżka do katalogu certyfikatów CA"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr "Plik zawierający certyfikat klienta"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr "Plik zawierający klucz klienta"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr "Lista możliwych zestawów szyfrów"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Wymaga sprawdzenia certyfikatu TLS"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Podaje używany mechanizm SASL"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Podaje używany identyfikator upoważnienia SASL"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr "Podaje obszar upoważnienia SASL do użycia"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Podaje minimalne SSF dla upoważnienia sasl LDAP"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Tablica kluczy usługi Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Podąża za odsyłaniami LDAP"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr "Czas trwania TGT dla połączenia LDAP"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr "Jak wskazywać aliasy"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr "Nazwa usługi do wyszukiwań usługi DNS"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Liczba wpisów do pobrania w jednym zapytaniu LDAP"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr "Suma liczb, których musi brakować, aby wywołać pełne \"deref\""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -588,339 +605,339 @@ msgstr ""
"Określa, czy biblioteka LDAP powinna wykonywać odwrotne wyszukanie, aby "
"ujednolicić nazwę komputera podczas dowiązania SASL"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr "Atrybut entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr "Atrybut lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "Jak długo utrzymywać połączenie z serwerem LDAP przed rozłączeniem"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr "Wyłącza kontrolę stronicowania LDAP"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Czas oczekiwania na żądanie wyszukiwania"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr "Czas oczekiwania na żądanie wyliczenia"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Czas między aktualizacjami wyliczania"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr "Czas między czyszczeniem pamięci podręcznej"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "Wymaga TLS dla wyszukiwania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Używa mapowania identyfikatorów objectSID zamiast uprzednio ustawionych "
"identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "Podstawowe DN dla wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Zakres wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Filtruje wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Klasa obiektów dla użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Atrybut nazwy użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "Atrybut UID"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Pierwszy atrybut GID"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "Atrybut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Atrybut katalogu domowego"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Atrybut powłoki"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "Atrybut UUID"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr "Atrybut objectSID"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Atrybut głównej grupy Active Directory dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Atrybut głównego użytkownika (dla Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Imię i nazwisko"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "Atrybut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Atrybut czasu modyfikacji"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr "Atrybut shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr "Atrybut shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr "Atrybut shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr "Atrybut shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr "Atrybut shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr "Atrybut shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr "Atrybut shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr "Atrybut zawierający listę upoważnionych usług PAM"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr "Atrybut krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr "Atrybut krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr "Atrybut accountExpires AD"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr "Atrybut userAccountControl AD"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr "Atrybut nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr "Atrybut loginDisabled NDS"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr "Atrybut loginExpirationTime NDS"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Atrybut loginAllowedTimeMap NDS"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr "Atrybut klucza publicznego SSH"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr "Podstawowe DN dla wyszukiwania grup"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr "Klasa obiektów dla grup"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Nazwa grupy"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Hasło grupy"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "Atrybut GID"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr "Atrybut elementu grupy"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr "Atrybut UUID grupy"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr "Atrybut czasu modyfikacji grup"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr "Klasa obiektów dla grup sieciowych"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr "Nazwa grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr "Atrybut elementów grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr "Potrójny atrybut grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr "Atrybut UUID grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr "Atrybut czasu modyfikacji grup sieciowych"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr "Podstawowe DN do wyszukiwania usług"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr "Klasa obiektów dla usług"
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr "Atrybut nazwy usługi"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr "Atrybut portu usługi"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr "Atrybut protokołu usługi"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr "Niższa granica dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr "Wyższa granica dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
"Liczba identyfikatorów dla każdego kawałka podczas mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Używa algorytmu zgodnego z autorid do mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr "Nazwa domyślnej domeny dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr "SID domyślnej domeny dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup inicjacyjnych"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Polityka do oszacowania wygaszenia hasła"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "Filtr LDAP do określenia uprawnień dostępu"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Które atrybuty powinny być używane do sprawdzenia, czy konto wygasło"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr "Które reguły powinny być używane do sprawdzania kontroli dostępu"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "Adres URI zapasowego serwera LDAP, gdzie zmiany hasła są dozwolone"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP"
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -928,24 +945,24 @@ msgstr ""
"Określa, czy zaktualizować atrybut ldap_user_shadow_last_change po zmianie "
"hasła"
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr "Podstawowe DN dla wyszukiwań reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr "Okres między automatycznymi pełnymi odświeżeniami"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr "Okres między automatycznymi inteligentnymi odświeżeniami"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Określa, czy filtrować reguły według nazwy komputera, adresów IP i sieci"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -953,185 +970,181 @@ msgstr ""
"Nazwy komputerów i/lub pełne kwalifikowane nazwy domen tego komputera do "
"filtrowania reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Adresy lub sieci IPv4 lub IPv6 tego komputera do filtrowania reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Określa, czy zawierać reguły zawierające grupy sieciowe w atrybucie komputera"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Określa, czy zawierać reguły zawierające wyrażenia regularne w atrybucie "
"komputera"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr "Klasa obiektów dla reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr "Nazwa reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr "Atrybut polecenia reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr "Atrybut komputera reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr "Atrybut użytkownika reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr "Atrybut opcji reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr "Atrybut runasuser reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr "Atrybut runasgroup reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr "Atrybut notbefore reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr "Atrybut notafter reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr "Atrybut kolejności reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr "Klasa obiektów dla map automountera"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr "Atrybut nazwy mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr "Klasa obiektów dla wpisów map automountera"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr "Atrybut klucza wpisu mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr "Atrybut wartości wpisu mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr "Podstawowe DN dla wyszukiwań map automountera"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Lista zabronionych użytkowników oddzielonych przecinkami"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Domyślna powłoka, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Podstawa katalogów domowych"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "Nazwa używanej biblioteki NSS"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
"Określa, czy wyszukiwać kanoniczną nazwę grupy w pamięci podręcznej, jeśli "
"to możliwe"
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "Używany stos PAM"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Uruchamia jako demon (domyślnie)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Uruchamia interaktywnie (nie jako demon)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Podaje niedomyślny plik konfiguracji"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr "Wyświetla numer wersji i kończy działanie"
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr "Usługa SSSD jest już uruchomiona\n"
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Poziom debugowania"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Dodaje czasy debugowania"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "Wyświetlanie dat z mikrosekundami"
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Otwiera deskryptor pliku dla dzienników debugowania"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Domena dostawcy informacji (wymagane)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Uprawnione gniazdo posiada błędnego właściciela lub uprawnienia."
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr "Publiczne gniazdo posiada błędnego właściciela lub uprawnienia"
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr "Nieoczekiwany format komunikatu uwierzytelniającego serwera."
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr "SSSD nie zostało uruchomione w trybie roota."
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr "Wystąpił błąd, ale nie odnaleziono jego opisu."
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr "Nieoczekiwany błąd podczas wyszukiwania opisu błędu"
@@ -1199,10 +1212,10 @@ msgstr "Hasło wygasło. Proszę je zmienić teraz."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Poziom debugowania, z jakim uruchomić"
@@ -1212,10 +1225,10 @@ msgid "The SSSD domain to use"
msgstr "Domena SSSD do użycia"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "Błąd podczas ustawiania lokalizacji\n"
@@ -1294,22 +1307,22 @@ msgid "Specify user to add\n"
msgstr "Proszę podać użytkownika do dodania\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Błąd podczas inicjowania narzędzi - brak lokalnej domeny\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Błąd podczas inicjowania narzędzi\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Podano nieprawidłową domenę w FQDN\n"
@@ -1330,7 +1343,7 @@ msgstr "Grupy muszą być w tej samej domenie co użytkownik\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr "Nie można odnaleźć grupy %1$s w lokalnej domenie\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Nie można ustawić domyślnych wartości\n"
@@ -1338,7 +1351,7 @@ msgstr "Nie można ustawić domyślnych wartości\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "Wybrany UID jest spoza dozwolonego zakresu\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr "Nie można ustawić kontekstu loginu SELinuksa\n"
@@ -1400,16 +1413,24 @@ msgstr "Grupa o tej samej nazwie lub GID już istnieje\n"
msgid "Transaction error. Could not add group.\n"
msgstr "Błąd transakcji. Nie można dodać grupy.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Proszę podać grupę do usunięcia\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr "Grupa %1$s jest poza określonym zakresem identyfikatorów dla domeny\n"
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1417,7 +1438,7 @@ msgstr ""
"Nie ma takiej grupy w lokalnej domenie. Usuwanie grup jest dozwolone tylko w "
"lokalnej domenie.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Wewnętrzny błąd. Nie można usunąć grupy.\n"
@@ -1459,42 +1480,42 @@ msgstr ""
"Nie można odnaleźć grupy %1$s w lokalnej domenie, tylko grupy w lokalnej "
"domenie są dozwolone\n"
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Nie można zmodyfikować grupy - proszę sprawdzić, czy nazwy członków grupy są "
"poprawne\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"Nie można zmodyfikować grupy - proszę sprawdzić, czy nazwa grupy jest "
"poprawna\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Błąd transakcji. Nie można zmodyfikować grupy.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr "%1$s%2$sGrupa: %3$s\n"
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "Prywatne magic "
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr "%1$sNumer GID: %2$d\n"
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr "%1$sUżytkownicy będący członkami: "
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
@@ -1503,7 +1524,7 @@ msgstr ""
"\n"
"%1$sJest członkiem: "
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
@@ -1512,15 +1533,15 @@ msgstr ""
"\n"
"%1$sGrupy będące członkami: "
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Rekursywnie drukuje niebezpośrednich członków grupy"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Proszę podać grupę do wyświetlenia\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1528,77 +1549,77 @@ msgstr ""
"Nie ma takiej grupy w lokalnej domenie. Drukowanie grup jest dozwolone tylko "
"w lokalnej domenie.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Wewnętrzny błąd. Nie można wydrukować grupy.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Usuwa katalog domowy i bufor poczty"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Nie usuwa katalogu domowego i bufora poczty"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Wymusza usunięcie plików, których właścicielem nie jest użytkownik"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr "Usuwa procesy użytkownika przed jego usunięciem"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Proszę podać użytkownika do usunięcia\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
"Użytkownik %1$s jest poza określonym zakresem identyfikatorów dla domeny\n"
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr "Nie można przywrócić kontekstu loginu SELinuksa\n"
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"OSTRZEŻENIE: użytkownik (UID %1$lu) był zalogowany podczas jego usunięcia.\n"
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr "Nie można określić, czy użytkownik był zalogowany na tej platformie"
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr "Błąd podczas sprawdzania, czy użytkownik był zalogowany\n"
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "Polecenie po usunięciu nie powiodło się: %1$s\n"
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"Katalog domowy nie zostanie usunięty - użytkownik nie jest właścicielem\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Nie można usunąć katalogu domowego: %1$s\n"
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Nie ma takiego użytkownika w lokalnej domenie. Usuwanie użytkowników jest "
"dozwolone tylko w lokalnej domenie.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Wewnętrzny błąd. Nie można usunąć użytkownika.\n"
@@ -1634,100 +1655,100 @@ msgstr ""
"Nie można odnaleźć użytkownika w lokalnej domenie, modyfikowanie "
"użytkowników jest dozwolone tylko w lokalnej domenie\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"Nie można zmodyfikować użytkownika - proszę sprawdzić, czy nazwy grup są "
"poprawne\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
"Nie można zmodyfikować użytkownika - czy użytkownik jest już członkiem "
"grup?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Błąd transakcji. Nie można zmodyfikować użytkownika.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr "Żaden obiekt pamięci podręcznej nie pasuje do podanego wyszukiwania\n"
-#: src/tools/sss_cache.c:201
-#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+#: src/tools/sss_cache.c:325
+#, fuzzy, c-format
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr "Nie ma %1$s o nazwie %2$s, pomijanie\n"
-#: src/tools/sss_cache.c:204
-#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+#: src/tools/sss_cache.c:328
+#, fuzzy, c-format
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr "Nie ma obiektów typu %1$s w pamięci podręcznej, pomijanie\n"
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Nie można unieważnić %1$s"
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Nie można unieważnić %1$s %2$s"
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr "Unieważnia podanego użytkownika"
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr "Unieważnia wszystkich użytkowników"
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr "Unieważnia podaną grupę"
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr "Unieważnia wszystkie grupy"
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr "Unieważnia podaną grupę sieciową"
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr "Unieważnia wszystkie grupy sieciowe"
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr "Unieważnia podaną usługę"
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr "Unieważnia wszystkie usługi"
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr "Unieważnia podaną mapę autofs"
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr "Unieważnia wszystkie mapy autofs"
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr "Unieważnia wpisy tylko z podanej domeny"
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr "Proszę wybrać co najmniej jeden obiekt do unieważnienia\n"
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr "Nie można otworzyć domeny %1$s\n"
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr "Nie można otworzyć dostępnych domen\n"
@@ -1739,7 +1760,16 @@ msgstr "\n"
msgid "Specify debug level you want to set\n"
msgstr "Podaje poziom debugowania do ustawienia\n"
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Brak pamięci\n"
@@ -1748,7 +1778,10 @@ msgstr "Brak pamięci\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s musi zostać uruchomione jako root\n"
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
"Wysyła wyjście debugowania do plików, zamiast do standardowego wyjścia błędów"
+
+#~ msgid "SSSD is already running\n"
+#~ msgstr "Usługa SSSD jest już uruchomiona\n"
diff --git a/po/pt.po b/po/pt.po
index ba3240f3c..f0622dcb0 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Portuguese <trans-pt@lists.fedoraproject.org>\n"
@@ -259,833 +259,843 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Apresentar utilizadores/grupos na forma completa"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Validade da cache (segundos)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Restringir ou preferir famílias de endereços especificas quando efectua "
"consultas DNS"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Durante quanto tempo devem ser permitidas as caches de sessões entre sessões "
"bem sucedidas (dias)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "Domínio IPA"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "Endereço do servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "Nome da máquina do cliente IPA"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Endereço do servidor Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Reino Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Tempo de expiração da autenticação"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "Directório para armazenar as caches de credenciais"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Localização da cache de credenciais dos utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Localização da tabela de chaves (keytab) para validar credenciais"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Activar validação de credenciais"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Servidor onde está em execução o serviço de alteração de senha, se não "
"coincide com o KDC"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, O URI do servidor LDAP"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "A base DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "O DN por omissão para a ligação"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "O tipo de token de autenticação do bind DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "O token de autenticação do bind DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Período de tempo para tentar ligação"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tempo de espera para tentar operações LDAP síncronas"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tempo de espera entre tentativas para re-conectar quando desligado"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "Ficheiro que contêm os certificados CA"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Caminho para o directório do certificado CA"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Obriga a verificação de certificados TLS"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Especificar mecanismo sasl a utilizar"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Especifique o id sasl para utilizar na autorização"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Separador chave do serviço Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Utilizar autenticação Kerberos para ligações LDAP"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Seguir os referrals LDAP"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Tempo de espera por um pedido de pesquisa"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Período de tempo entre enumeração de actualizações"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "Requer TLS para consultas de ID"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "DN base para pesquisa de utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Âmbito das pesquisas do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Filtro para as pesquisas do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Objectclass para utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Atributo GID primário"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "Atributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Atributo da pasta pessoal"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Atributo da Shell"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Atributo principal do utilizador (para Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Nome Completo"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Atributo da alteração da data"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Politica para avaliar a expiração da senha"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Lista de utilizadores autorizados separados por vírgulas"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Lista de utilizadores não autorizados separados por vírgulas"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Shell pré-definida, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Directório base para as pastas pessoais"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "O nome da biblioteca NSS a utilizar"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "Stack PAM a utilizar"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Tornar-se num serviço (omissão)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Executar interactivamente (não como serviço)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Especificar um ficheiro de configuração não standard"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Nível de depuração"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Adicionar tempos na depuração"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Um descritor de ficheiro aberto para os registos de depuração"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Domínio do fornecedor de informação (obrigatório)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1153,10 +1163,10 @@ msgstr "A senha expirou. Altere a sua senha agora."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "O nível de depuração a utilizar durante a execução"
@@ -1166,10 +1176,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "Erro ao definir a configuração regional\n"
@@ -1248,22 +1258,22 @@ msgid "Specify user to add\n"
msgstr "Indique utilizador a adicionar\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Erro ao inicializar as ferramentas - não existe domínio local\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Erro ao inicializar as ferramentas\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Domínio inválido especificado no FQDN\n"
@@ -1284,7 +1294,7 @@ msgstr "Os grupos têm de pertencer ao mesmo domínio que o utilizador\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Incapaz de definir valores por omissão\n"
@@ -1292,7 +1302,7 @@ msgstr "Incapaz de definir valores por omissão\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "O UID seleccionado está fora do intervalo permitido\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr "Não foi possível definir o contexto SELinux para a sessão\n"
@@ -1351,16 +1361,24 @@ msgstr "Já existe um grupo com o mesmo nome ou GID\n"
msgid "Transaction error. Could not add group.\n"
msgstr "Erro de transacção. Não foi possível adicionar o grupo.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Especifique grupo a remover\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1368,7 +1386,7 @@ msgstr ""
"Grupo não existe no domínio local. Apenas é permitido remover grupos no "
"domínio local.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Erro interno. Incapaz de remover grupo.\n"
@@ -1408,63 +1426,63 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Incapaz de modificar grupo - verifique que o nome do grupo membro está "
"correcto\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"Incapaz de modificar grupo - verifique que o nome do grupo está correcto\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Erro de transacção. Não foi possível modificar o grupo.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "\"Magic\" Privada"
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Imprimir membros de grupos indirectos recursivamente"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Especifique grupo a apresentar\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1472,76 +1490,76 @@ msgstr ""
"Grupo não existe no domínio local. Grupos de impressão apenas permitidos no "
"domínio local.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Erro interno. Incapaz de imprimir grupo.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Remover pasta pessoal e spool de correio"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Não remover pasta pessoal e spool de correio"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Forçar a remoção de ficheiros não pertencentes ao utilizador"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr "Mate os processos do utilizador antes de o remover"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Especificar o utilizador a remover\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr "Não foi possível redefinir o contexto SELinux para a sessão\n"
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"Não foi possível determinar se o utilizador estava autenticado nesta "
"plataforma"
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr "Erro ao verificar se o utilizador estava autenticado\n"
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr "Pasta pessoal não removida - não pertence ao utilizador\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Utilizador não existe no domínio local. Apenas é permitido remover "
"utilizadores no domínio local.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Erro interno. Incapaz de remover utilizador.\n"
@@ -1577,98 +1595,98 @@ msgstr ""
"Utilizador não foi encontrado no domínio local. Apenas é permitido modificar "
"utilizadores no domínio local\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"Incapaz de modificar utilizador - verifique se o nome do grupo está "
"correcto\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr "Incapaz de modificar utilizador - utilizador já é membro de grupos?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Erro na transacção. Não foi possível modificar o utilizador.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1680,7 +1698,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Memória esgotada\n"
@@ -1689,6 +1716,6 @@ msgstr "Memória esgotada\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "Enviar o resultado de depuração para ficheiro em vez do stderr"
diff --git a/po/ru.po b/po/ru.po
index ef3dabb47..1fe79ba2e 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-11 15:38+0000\n"
"Last-Translator: Stanislav Hanzhin <hanzhin.stas@gmail.com>\n"
"Language-Team: Russian <trans-ru@lists.fedoraproject.org>\n"
@@ -260,836 +260,847 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Отображать пользователей/группы в полной форме"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Тайм-аут элемента списка кэша (в секундах)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Ограничивать или предпочитать определённое семейство адресов при выполнении "
"запросов DNS"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Как долго хранить кэшированные элементы списка после последнего успешного "
"входа (в днях)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr "Время ожидания ответа DNS при преобразовании имён серверов (секунд)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr "Доменная часть DNS-запроса поиска служб"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA-домен"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "адрес сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "имя узла клиента IPA"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Если требуется автоматическое обновление записи в"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr "Если требуется автоматическое обновление записи в"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "Интерфейс, адрес которого будет использован для обновления DNS"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Имя сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Область действия Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Тайм-аут проверки подлинности"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "Каталог для хранения кэшей учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Расположения кэша учётных данных пользователей"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Расположение keytab-файла для проверки учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Включить проверку учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
"При отсутствии соединения сохранить пароль и пройти аутентификацию позже"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr "Сервер, на котором запущена служба смены пароля (если не на KDC)"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI сервера LDAP "
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "Base DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "Bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "Тип маркера проверки подлинности для bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "Маркер проверки подлинности для bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Временной интервал для попытки соединения"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Временной интервал для попытки синхронизации операций LDAP"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Временной интервал между попытками возобновления соединения в автономного "
"режиме"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "Файл содержащий сертификаты CA"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Путь к каталогу с сертификатами CA"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Требуется проверка сертификата TLS"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Укажите механизм sasl"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Укажите идентификатор авторизации sasl"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Keytab-файл службы Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Следовать ссылкам LDAP"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr "Время жизни TGT для LDAP-соединений"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Временной интервал, в течение которого ожидать поискового запроса"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Временной интервал между обновлениями перечисления"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "Требовать TLS для запросов ID"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "Base DN для поиска"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Глубина поиска"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Фильтр поиска"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Objectclass для пользователей"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Атрибут «primary GID»"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "Атрибут «GECOS»"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Атрибут домашнего каталога"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Атрибут оболочки"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "Атрибут «UUID»"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Атрибут участника-пользователя (для Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Полное имя"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Атрибут времени изменения"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Политика вычисления окончания срока действия пароля"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "Фильтр LDAP для определения прав доступа"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Разделённый запятыми список разрешённых пользователей"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Разделённый запятыми список запрещённых пользователей"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Оболочка по умолчанию, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Место для домашних каталогов"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "Имя используемой библиотеки NSS"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "Используемый стек PAM"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Запускаться в качестве службы (по умолчанию)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Запускаться интерактивно (не службой)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Указать файл конфигурации"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Уровень отладки"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Добавить отладочные отметки времени"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Открытый дескриптор файла для журналов отладки"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Домен поставщика информации (обязательный)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
"Для привилегированного сокета установлен неверный владелец или права доступа."
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
"Для общедоступного сокета установлен неверный владелец или права доступа."
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1157,10 +1168,10 @@ msgstr "Срок действия пароля истёк. Необходимо
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Уровень отладки для запуска"
@@ -1170,10 +1181,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1252,22 +1263,22 @@ msgid "Specify user to add\n"
msgstr "Укажите добавляемого пользователя\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Ошибка инициализации инструментов - не найден локальный домен\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Ошибка инициализации инструментов\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "В FQDN указан неверный домен\n"
@@ -1288,7 +1299,7 @@ msgstr "Группы должны быть в том же домене, что
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Не удалось установить значения по умолчанию\n"
@@ -1296,7 +1307,7 @@ msgstr "Не удалось установить значения по умол
msgid "The selected UID is outside the allowed range\n"
msgstr "Выбранный UID находится за пределами доступного диапазона\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1356,16 +1367,24 @@ msgstr "Группа с таким же именем или GID уже суще
msgid "Transaction error. Could not add group.\n"
msgstr "Ошибка в транзакции. Не удалось добавить группу.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Укажите группу для удаления\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1373,7 +1392,7 @@ msgstr ""
"В локальном домене такой группы нет. Удаление групп разрешено только в "
"локальном домене.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Внутренняя ошибка. Не удалось удалить группу.\n"
@@ -1414,61 +1433,61 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Не удалось изменить группу — проверьте правильность имён групп-участников\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr "Не удалось изменить группу — проверьте правильность имени группы\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Ошибка в транзакции. Не удалось изменить группу.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "Magic Private"
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Рекурсивно выводить непрямых участников группы"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Укажите группу\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1476,75 +1495,75 @@ msgstr ""
"В локальном домене нет такой группы. Печать групп разрешена только в "
"локальном домене.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Внутренняя ошибка. Невозможно напечатать группу.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Удалить домашний каталог и почтовую очередь"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Не удалять домашний каталог и почтовую очередь"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Принудительно удалять файлы, не принадлежащие пользователю"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Укажите пользователя для удаления\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"Домашняя директория не удалена — пользователь не является её владельцем\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"В локальном домене нет такого пользователя. Удаление пользователей разрешено "
"только для локального домена.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Внутренняя ошибка. Не удалось удалить пользователя.\n"
@@ -1580,96 +1599,96 @@ msgstr ""
"Не удалось найти пользователя в локальном домене, изменение пользователей "
"разрешено только в локальном домене\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr "Не удалось изменить пользователя — проверьте правильность имён групп\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr "Не удалось изменить пользователя — он уже является членом групп?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Ошибка в транзакции. Не удалось изменить пользователя.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1681,7 +1700,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Недостаточно памяти\n"
@@ -1690,6 +1718,6 @@ msgstr "Недостаточно памяти\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "Отправлять отладочные сообщения в файлы, а не в stderr"
diff --git a/po/sssd.pot b/po/sssd.pot
index 0ea5c15fa..1c0ca38be 100644
--- a/po/sssd.pot
+++ b/po/sssd.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -254,827 +254,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1142,10 +1152,10 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1155,10 +1165,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1237,22 +1247,22 @@ msgid "Specify user to add\n"
msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1273,7 +1283,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr ""
@@ -1281,7 +1291,7 @@ msgstr ""
msgid "The selected UID is outside the allowed range\n"
msgstr ""
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1339,22 +1349,30 @@ msgstr ""
msgid "Transaction error. Could not add group.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr ""
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr ""
@@ -1392,131 +1410,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1550,96 +1568,96 @@ msgid ""
"domain\n"
msgstr ""
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr ""
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1651,7 +1669,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr ""
@@ -1660,6 +1687,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/sv.po b/po/sv.po
index a2a48f268..9f49b586d 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Swedish (http://www.transifex.com/projects/p/fedora/language/"
@@ -266,295 +266,311 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Visa användare/grupper i fullständigt kvalificerat format"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Tidsgränslängd för postcache (sekunder)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr "Begränsa eller föredra en specifik adressfamilj vid DNS-uppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Hur länge cachade poster skall behållas efter senaste lyckade inloggning "
"(dagar)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr "Hur länge man väntar på svar från DNS när servrar slås upp (sekunder)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr "Domändelen av DNS-frågan för tjänstedetektering"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr "Åsidosätt GID-värdet från identitetsleverantören med detta värde"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr "Behandla användarnamn som skiftlägeskänsliga"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA-domän"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "IPA-serveradress"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr "Adress till reserv-IPA-server"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "IPA-klienvärdnamn"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "Gränssnittet var IP skall användas för dynamiska DNS-uppdateringar"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr "Sökbas för HBAC-relaterade objekt"
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+#, fuzzy
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern"
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Om det finns DENY-regler, antingen DENY_ALL eller IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "Om satt till falskt kommer värdargument givna av PAM ignoreras"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr "Platsen för automatmonteraren denna IPA-klient använder"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr "Sökbas för objekt som innehåller information om IPA-domänen"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr "Sökbas för objekt som innehåller information om ID-intervall"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr "Active Directory-domän"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr "Adress till Active Directory-server"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr "Adress till Active Directory-reservserver"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr "Active Directory-klienvärdnamn"
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Adress till server för Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr "Adress till reservserver för Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Kerberosrike"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Autentiseringstidsgräns"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "Katalog att lagra kreditiv-cachar i"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Plats för användarens kreditiv-cache"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Plats för nyckeltabellen för att validera kreditiv"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Aktivera validering av kreditiv"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr "Lagra lösenord när ej ansluten för ansluten autentisering senare"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr "Förnybar livstid för TGT:n"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr "Livstid för TGT:n"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr "Tid mellan två kontroller av förnyelse"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "Aktiverar FAST"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr "Väljer huvudman att använda för FAST"
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr "Aktivera kanonsisk form av huvudman"
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr "Server där ändringstjänsten för lösenord kör om inte på KDC:n"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI:n för LDAP-servern"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, URI:n för LDAP-servern"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "Standard bas-DN"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Schematypen som används i LDAP-servern, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "Standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "Typen på autenticerings-token för standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "Autenticerings-token för standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Tidslängd att försöka ansluta"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tidslängd att försök synkrona LDAP-operationer"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tidslängd mellan försök att återansluta vid frånkoppling"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr "Använd endast versaler för namn på riken"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "Fil som innehåller CA-certifikat"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Sökväg till katalogen med CA-certifikat"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr "Fil som innehåller klientcertifikatet"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr "Fil som innehåller klientnyckeln"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr "Lista över möjliga chiffersviter"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Kräv TLS-certifikatverifiering"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Ange sasl-mekanismen att använda"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Ange sasl-auktorisering-id att använda"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr "Ange sasl-auktoriseringsrike att använda"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Ange minsta SSF för LDAP-sasl-auktorisering"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Kerberostjänstens nyckeltabell"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Avnänd Kerberosautenticering för LDAP-anslutning"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Följer LDAP-hänvisningar"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr "Livslängd på TGT för LDAP-anslutning"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr "Hur alias skall derefereras"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr "Tjänstenamn för uppslagning av DNS-tjänster"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Antalet poster som skall hämtas i en enda LDAP-fråga"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Antalet medlemmar som måste saknas för att orsaka en fullständig dereferering"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -562,360 +578,360 @@ msgstr ""
"Huruvida LDAP-biblioteket skall utföra en omvänd uppslagning för att ta fram "
"värdnamnets kanoniska form under en SASL-bindning"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr "entryUSN-attribut"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr "lastUSN-attribut"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Hur länge en anslutning till LDAP-servern skall behållas före den kopplas ner"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr "Avaktivera flödesstyrningen (paging) av LDAP"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Tidslängd att vänta på en sökbegäran"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr "Tidslängd att vänta på en uppräkningsbegäran"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Tidslängd mellan uppräkningsuppdateringar"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr "Tidslängd mellan cache-tömningar"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "Kräv TLS för ID-uppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "Använd ID-översättning av objectSID istället för pre-set ID:n"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "Bas-DN för användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Omfång av användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Filter för användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Objektklass för användare"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Primärt GID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "GECOS-attribut"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Hemkatalogattribut"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Skalattribut"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "UUID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr "objectSID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Primärt gruppattribut i Active Directory för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Användarens huvudmansattribut (för Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Fullständigt namn"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "medlemAv-attribut"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Modifieringstidsattribut"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr "attributet shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr "shadowMin-attribut"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr "shadowMax-attribut"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr "shadowWarning-attribut"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr "shadowInactive-attribut"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr "shadowExpire-attribut"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr "shadowFlag-attribut"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr "Attribut för listning av auktoriserade PAM-tjänster"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr "Attribut för listning av auktoriserade servervärdar"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr "attributet krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration-attribut"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr "Attribut som indikerar att serversidans lösenordspolicyer är aktiva"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr "AD:s attribut accountExpires"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr "AD:s attribut userAccountControl"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr "attributet nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr "NDS attribut loginDisabled"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr "NDS attribut loginExpirationTime"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "NDS attribut loginAllowedTimeMap"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr "Attribut för publik SSH-nyckel"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr "Bas-DN för gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr "Objektklass för grupper"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Gruppnamn"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Grupplösenord"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "GID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr "Gruppmedlemsattribut"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr "Grupp-UUID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr "Modifieringstidsattribut för grupper"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr "Maximal nästningsnivå SSSd kommer följa"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr "Bas-DN för nätgruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr "Objektklass för nätgrupper"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr "Nätgruppnamn"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr "Attribut på nätgruppmedlemmar"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr "Attribut på nätgruppstripplar"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr "Attribut på nätgrupps-UUID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr "Modifieringstidsattribut för nätgrupper"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr "Bas-DN för tjänsteuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr "Objektklass för tjänster"
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr "Tjänstenamnsattribut"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr "Tjänsteportsattribut"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr "Tjänsteprotokollsattribut"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr "Undre gräns för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr "Övre gräns för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Antal ID:n till varje skiva vid ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Använd en autorid-kompatibel algoritm för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr "Standarddomänens namn för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr "Standarddomänens SID för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för init-gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Policy för att utvärdera utgång av lösenord"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "LDAP-filter för att bestämma åtkomstprivilegier"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Vilka attribut skall användas för att avgöra om ett konto gått ut"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr "Vilka regler skall användas för att avgöra åtkomstkontroll"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr "URI till en LDAP-server där lösenordsändringar är tillåtna"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "URI till en reserv-LDAP-server där lösenordsändringar är tillåtna"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr "DNS-tjänstenamn för LDAP-lösenordsändringsservern"
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr "Bas-DN för regeluppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr "Intervall mellan automatisk fullständig omläsning"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr "Intervall mellan automatisk smart omläsning"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Huruvida regler skall filtreras efter värdnamn, IP-adresser och nätverk"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -923,184 +939,180 @@ msgstr ""
"Värdnamn och/eller fullständigt kvalificerade domännamn på denna maskin för "
"att filtrera sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"IPv4- eller IPv6-adresser eller -nätverk för denna maskin för att filtrera "
"sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Huruvida regler som innehåller nätgrupper i värdattribut skall inkluderas"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Huruvida regler som innehåller reguljära uttryck i värdattribut skall "
"inkluderas"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr "Objektklass för sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr "Sudo-regelnamn"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr "Attribut för sudo-regelkommandon"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr "Attribut för sudo-regelvärd"
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr "Attribut för sudo-regelanvändare"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr "Attribut för sudo-regelflaggor"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr "Attribut för sudo-runasuser"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr "Attribut på runasgroup i sudo-regel"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr "Attribut för sudo-notbefore-regler"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr "Attribut för sudo-notafter-regler"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr "Attribut för sudo-order-regler"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr "Objektklass för automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr "Attribut för automatmonteraravbildningsnamn"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr "Objektklass för poster i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr "Attribut för postnycklar i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr "Attribut på postvärde i avbildning för automatmonteraren"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr "Bas-DN för uppslagningar i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Kommaseparerad lista över tillåtna användare"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Kommaseparerad lista över förbjudna användare"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Standardskal, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Bas för hemkataloger"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "Namnet på NSS-biblioteket att använda"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Huruvida kanoniska gruppnamn skall slås upp från cachen om möjligt"
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "PAM-stack att använda"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Bli en demon (standard)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Kör interaktivt (inte en demon)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Ange en konfigurationsfil annan än standard"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr "Skriv ut versionsnumret och avsluta"
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Felsökningsnivå"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Lägg till felsökningstidstämplar"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "Visa tidsstämplar med mikrosekunder"
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Ett öppet filhandtag för felsökningsloggarna"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Domän för informationsleverantören (obligatoriskt)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr "Priviligierat uttag (socket) har fel ägarskap eller rättigheter."
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr "Publikt uttag (socket) har fel ägarskap eller rättigheter."
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr "Oväntat format på serverns kreditivmeddelande."
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr "SSSD körs inte av root."
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr "Ett fel uppstod, men ingen beskrivning kan hittas."
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr "Oväntat fel vid sökning efter ett felmeddelande"
@@ -1168,10 +1180,10 @@ msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu."
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Felsökningsnivån att köra med"
@@ -1181,10 +1193,10 @@ msgid "The SSSD domain to use"
msgstr "SSSD-domäner att använda"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "Fel när lokalen sattes\n"
@@ -1263,22 +1275,22 @@ msgid "Specify user to add\n"
msgstr "Ange en användare att lägga till\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Fel vid initiering av verktygen — ingen lokal domän\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Fel vid initiering av verktygen\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Ogiltig domän angiven i FQDN\n"
@@ -1299,7 +1311,7 @@ msgstr "Grupper måste finnas i samma domän som användaren\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr "Hittar inte gruppen %1$s i den lokala domänen\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Kan inte sätta standardvärden\n"
@@ -1307,7 +1319,7 @@ msgstr "Kan inte sätta standardvärden\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "Den valda UID:n är utanför det tillåtna intervallet\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr "Kan inte sätta SELinux-inloggningskontext\n"
@@ -1367,16 +1379,24 @@ msgstr "En grupp med samma namn eller GID finns redan\n"
msgid "Transaction error. Could not add group.\n"
msgstr "Transaktionsfel. Det gick inte att lägga till gruppen.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Ange grupp att ta bort\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr "Gruppen %1$s är utanför det definierade ID-intervallet för domänen\n"
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1384,7 +1404,7 @@ msgstr ""
"Ingen sådan grupp i den lokala domänen. Att ta bort grupper är endast "
"tillåtet i den lokala domänen.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Internt fel. Det gick inte att ta bort gruppen.\n"
@@ -1426,41 +1446,41 @@ msgstr ""
"Kan inte hitta grupp %1$s i den lokala domänen, endast grupper i den lokala "
"domänen är tillåtna\n"
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Det gick inte att ändra gruppen - kontrollera om medlemsgruppsnamnen är "
"riktiga\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"Det gick inte att ändra gruppen - kontrollera om gruppnamnet är riktigt\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Transaktionsfel. Det gick inte att ändra gruppen.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr "%1$s%2$sGrupp: %3$s\n"
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "Magiskt privat "
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr "%1$sGID-nummer: %2$d\n"
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr "%1$sMedlemsanvändare: "
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
@@ -1469,7 +1489,7 @@ msgstr ""
"\n"
"%1$sÄr en medlem i: "
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
@@ -1478,15 +1498,15 @@ msgstr ""
"\n"
"%1$sMedlemsgrupper: "
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Skriv ut indirekta gruppmedlemmar rekursivt"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Ange en grupp att visa\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1494,76 +1514,76 @@ msgstr ""
"Ingen sådan grupp i den lokala domänen. Att skriva ut grupper är endast "
"tillåtet i den lokala domänen.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Internt fel. Det gick inte att skriva ut gruppen.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Ta bort hemkatalog och brevlåda"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Ta inte bort hemkatalog och brevlåda"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Framtvinga borttagning av filer som inte ägs av användaren"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr "Döda anvädares processer före de tas bort"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Ange användare att ta bort\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
"Användaren %1$s är utanför det definierade ID-intervallet för domänen\n"
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr "Kan inte återställa SELinux-inloggningskontext\n"
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"VARNING: Användaren (uid %1$lu) var fortfarande inloggad när han togs bort.\n"
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr "Det går inte att avgöra om användaren var inloggad på denna plattform"
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr "Fel vid kontroll om användaren var inloggad\n"
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "Kommandot efter borttagandet misslyckades: %1$s\n"
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr "Tar inte bort hemkatalogen - ägs inte av användaren\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Kan inte ta bort hemkatalogen: %1$s\n"
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Ingen sådan användare i den lokala domänen. Det går endast att ta bort "
"användare i den lokala domänen.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Internt fel. Det gick inte att ta bort användaren.\n"
@@ -1599,98 +1619,98 @@ msgstr ""
"Det gick inte att hitta användaren i den lokala domänen, det går bara att "
"ändra användare i den lokala domänen\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"Det gick inte att ändra användaren - kontrollera att gruppnamnen är riktiga\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
"Det gick inte att ändra användaren - är användaren redan medlem i grupper?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "Transaktionsfel. Det gick inte att ändra användaren.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr "Inga cache-objekt matchade den angivna sökningen\n"
-#: src/tools/sss_cache.c:201
-#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+#: src/tools/sss_cache.c:325
+#, fuzzy, c-format
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr "Ingen sådan %1$s med namnet %2$s, hoppar över\n"
-#: src/tools/sss_cache.c:204
-#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+#: src/tools/sss_cache.c:328
+#, fuzzy, c-format
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr "Inga objekt av typen %1$s i cachen, hoppar över\n"
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Kunde inte invalidera %1$s"
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Kunde inte invalidera %1$s %2$s"
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr "Invalidera en viss användare"
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr "Invalidera alla användare"
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr "Invalidera en viss grupp"
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr "Invalidera alla grupper"
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr "Invalidera en viss nätgrupp"
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr "Invalidera alla nätgrupper"
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr "Invalidera en viss tjänst"
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr "Invalidera alla tjänster"
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr "Invalidera en viss autofs-mapp"
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr "Invalidera alla autofs-mappar"
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr "Invalidera endast poster från en viss domän"
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr "Välj åtminstone ett objekt att invalidera\n"
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr "Kunde inte öppna domänen %1$s\n"
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr "Kunde inte öppna tillgängliga domäner\n"
@@ -1702,7 +1722,16 @@ msgstr "\n"
msgid "Specify debug level you want to set\n"
msgstr "Ange felsökningsnivån du vill ställa in\n"
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Slut på minne\n"
@@ -1711,6 +1740,6 @@ msgstr "Slut på minne\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s måste köras som root\n"
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "Skicka felutskrifter till filer istället för standard fel"
diff --git a/po/tg.po b/po/tg.po
index 8bf77fda6..f946ce073 100644
--- a/po/tg.po
+++ b/po/tg.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Tajik (http://www.transifex.com/projects/p/fedora/language/"
@@ -255,827 +255,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Номи гурӯҳ"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Пароли гурӯҳ"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "Аттрибути GID"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1143,10 +1153,10 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1156,10 +1166,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1238,22 +1248,22 @@ msgid "Specify user to add\n"
msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1274,7 +1284,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr ""
@@ -1282,7 +1292,7 @@ msgstr ""
msgid "The selected UID is outside the allowed range\n"
msgstr ""
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1340,22 +1350,30 @@ msgstr ""
msgid "Transaction error. Could not add group.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr ""
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr ""
@@ -1393,131 +1411,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1551,96 +1569,96 @@ msgid ""
"domain\n"
msgstr ""
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr ""
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1652,7 +1670,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Берун аз хотира\n"
@@ -1661,6 +1688,6 @@ msgstr "Берун аз хотира\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/tr.po b/po/tr.po
index e4f4bc5c9..98d060202 100644
--- a/po/tr.po
+++ b/po/tr.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Turkish (http://www.transifex.com/projects/p/fedora/language/"
@@ -17,7 +17,7 @@ msgstr ""
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
-"Plural-Forms: nplurals=1; plural=0;\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
#: src/config/SSSDConfig/__init__.py.in:39
msgid "Set the verbosity of the debug logging"
@@ -256,827 +256,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA alanı"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Kerberos sunucu adresi"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1144,10 +1154,10 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1157,10 +1167,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr ""
@@ -1239,22 +1249,22 @@ msgid "Specify user to add\n"
msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1275,7 +1285,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr ""
@@ -1283,7 +1293,7 @@ msgstr ""
msgid "The selected UID is outside the allowed range\n"
msgstr ""
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1341,22 +1351,30 @@ msgstr ""
msgid "Transaction error. Could not add group.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr ""
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr ""
@@ -1394,131 +1412,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr ""
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr ""
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr ""
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr ""
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1552,96 +1570,96 @@ msgid ""
"domain\n"
msgstr ""
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr ""
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1653,7 +1671,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr ""
@@ -1662,6 +1689,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/uk.po b/po/uk.po
index 9ebc21556..a69e1e10b 100644
--- a/po/uk.po
+++ b/po/uk.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 18:20+0000\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <trans-uk@lists.fedoraproject.org>\n"
@@ -282,312 +282,331 @@ msgid "Display users/groups in fully-qualified form"
msgstr "Показувати записи користувачів/груп повністю"
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr "Тривалість кешування записів (у секундах)"
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
"Обмежити або надавати перевагу певному сімейству адрес під час виконання "
"пошуків DNS"
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
"Тривалість зберігання кешованих записів після останнього успішного входу (у "
"днях)"
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
"Тривалість очікування на відповідь від DNS під час визначення адрес серверів "
"(у секундах)"
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr "Частина запиту щодо виявлення служби DNS, пов’язана з доменом"
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
"Замінити значення ідентифікатора групи від надавача профілю цим значенням"
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr "Враховувати регістр у іменах користувачів"
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "Домен IPA"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "Адреса сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr "Адреса резервного сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "Назва вузла клієнта IPA"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у "
"FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+#, fuzzy
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+"Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у "
+"FreeIPA"
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS"
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr "Шукати у базі об’єкти, пов’язані з HBAC"
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
"Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+#, fuzzy
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+"Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA"
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Якщо вказано правила DENY, DENY_ALL або IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Якщо встановлено значення «false», аргумент вузла, наданий PAM, буде "
"проігноровано"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr "Адреса автоматичного монтування, яку використовує цей клієнт IPA"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr "Шукати у базі об’єкт, що містить дані щодо домену IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr "Шукати у базі об’єкти, що містять дані щодо діапазонів ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr "Домен Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr "Адреса сервера Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr "Адреса резервного сервера Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr "Назва клієнтського вузла Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Адреса сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr "Адреса резервного сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr "Область Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "Час очікування на розпізнавання"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "Каталог, де зберігатиметься кеш реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "Адреса кешу реєстраційних даних користувача"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "Адреса таблиці ключів для перевірки реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "Увімкнути перевірку реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr "Зберігати пароль у автономному режимі для розпізнавання у мережі"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr "Поновлюваний строк дії TGT"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr "Строк дії TGT"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr "Граничний час між двома перевірками для поновлення"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr "Вмикає FAST"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr "Визначає реєстраційний запис, який слід використовувати для FAST"
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr "Вмикає перетворення реєстраційних записів у канонічну форму"
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Сервер, на якому запущено службу зміни паролів, якщо такий не вдасться "
"виявити у KDC"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, адреса URI сервера LDAP"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, адреса сервера LDAP"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr "Типова базова назва домену"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Тип схеми, використаний на сервері LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr "Типова назва домену прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr "Тип розпізнавання для типової назви сервера прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr "Лексема розпізнавання типової назви сервера прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr "Проміжок часу між спробами встановлення з’єднання"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Проміжок часу між повторними спробами встановлення з’єднання у автономному "
"режимі"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr "Використовувати для назв областей лише великі літери"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr "Файл, що містить сертифікати CA"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr "Шлях до каталогу сертифікатів CA"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr "Файл, що містить клієнтський сертифікат"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr "Файл, що містить клієнтський ключ"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr "Показати список можливих інструментів шифрування"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "Потрібна перевірка сертифіката TLS"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "Вкажіть механізм SASL, який слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr "Вкажіть область уповноваження SASL, яку слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
"Вказати мінімальне значення SSF для розпізнавання на LDAP за допомогою sasl"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr "Таблиця ключів служби Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr "Розпізнавання Kerberos для з’єднання LDAP"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr "Переходити за посиланнями LDAP"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr "Строк дії TGT для з’єднання LDAP"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr "Спосіб розіменування псевдонімів"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr "Назва служби для пошуків за допомогою служби DNS"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Кількість записів, які слід отримувати у відповідь на один запит LDAP"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Кількість учасників, яких має не вистачати для вмикання повного скасування "
"посилань"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -595,349 +614,349 @@ msgstr ""
"Визначає, чи має бібліотека LDAP виконувати зворотній пошук з метою "
"переведення назв вузлів у канонічну форму під час прив’язки до SASL"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr "Атрибут entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr "Атрибут lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "Тривалість підтримування з’єднання з сервером LDAP перед роз’єднанням"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr "Вимкнути контроль сторінок у LDAP"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "Тривалість очікування на дані запиту пошуку"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr "Тривалість очікування на дані запиту щодо переліку"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr "Проміжок часу між оновленнями нумерації"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr "Проміжок часу між спорожненнями кешу"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr "Вимагати TLS для пошуків ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Використовувати відповідності ідентифікаторів objectSID замість попередньо "
"встановлених ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr "Базова назва домену для пошуків користувачів"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr "Діапазон пошуків користувачів"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr "Фільтр пошуку користувачів"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr "Клас об’єктів для користувачів"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr "Атрибут імені користувача"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr "Атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr "Головний атрибут GID"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr "Атрибут GECOS"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr "Атрибут домашнього каталогу"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr "Атрибут оболонки"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr "Атрибут UUID"
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr "Атрибут objectSID"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
"Атрибут основної групи Active Directory для встановлення відповідності "
"ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr "Атрибут реєстраційного запису користувача (для Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "Повне ім'я"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr "Атрибут часу зміни"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr "Атрибут shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr "Атрибут shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr "Атрибут shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr "Атрибут shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr "Атрибут shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr "Атрибут shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr "Атрибут shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr "Атрибути зі списком уповноважених служб PAM"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr "Атрибути зі списком уповноважених серверних вузлів"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr "Атрибут krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr "Атрибут krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"Атрибут, що відповідає за активізацію правил обробки паролів на боці сервера"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr "Атрибут accountExpires AD"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr "Атрибут userAccountControl AD"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr "Атрибут nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr "Атрибут loginDisabled NDS"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr "Атрибут loginExpirationTime NDS"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Атрибут loginAllowedTimeMap NDS"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr "Атрибут відкритого ключа SSH"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr "Базова назва домену для пошуків груп"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr "Клас об’єктів для груп"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr "Назва групи"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr "Пароль групи"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr "Атрибут GID"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr "Атрибут членства у групі"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr "Атрибут UUID групи"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr "Атрибут часу зміни для груп"
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD"
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr "Базова назва домену для пошуків груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr "Клас об’єктів для груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr "Назва мережевої групи"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr "Атрибут членства у групах у мережі"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr "Атрибут трійки груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr "Атрибут UUID груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr "Атрибут часу зміни для мережевих груп"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr "Базова сервер назв домену для пошуку служб"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr "Клас об’єктів для служб"
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr "Атрибут назви служби"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr "Атрибут порту служби"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr "Атрибут протоколу служби"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr "Нижня межа встановлення відповідності ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr "Верхня межа встановлення відповідності ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
"Кількість ідентифікаторів для кожного зрізу під час встановлення "
"відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
"Використовувати для встановлення відповідності ідентифікаторів алгоритм, "
"сумісний з autorid"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr "Назва типового домену для встановлення відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr "SID типового домену для встановлення відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків груп (group)"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
"Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків початкових груп "
"(initgroup)"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "Правила оцінки завершення строку дії пароля"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr "Фільтр LDAP для визначення прав доступу"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Атрибути які слід використовувати для визначення чинності облікового запису"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
"Правила, які має бути використано для визначення достатності прав доступу"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "Адреса резервного сервера LDAP, для якої можливі зміни паролів"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr "Назва у службі DNS сервера зміни паролів LDAP"
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -945,25 +964,25 @@ msgstr ""
"Визначає, чи слід оновлювати атрибут ldap_user_shadow_last_change після "
"зміни пароля"
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr "Базова назва домену для пошуків правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr "Період автоматичного повного оновлення даних"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr "Період автоматичного кмітливого оновлення даних"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Визначає, чи слід фільтрувати правила за назвами вузлів, IP-адресами та "
"мережами"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -971,188 +990,184 @@ msgstr ""
"Назви вузлів і/або повні назви у домені для цього комп’ютера для "
"фільтрування списку правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Адреси IPv4 або IPv6 чи мережа цього комп’ютера для фільтрування списку "
"правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Визначає, чи слід включати правила, що містять мережеву групу у атрибуті "
"вузла"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Визначає, чи слід включати правила, що містять формальний вираз у атрибуті "
"вузла"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr "Клас об’єктів для правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr "Назва правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr "Атрибут команди правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr "Атрибут вузла правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr "Атрибут користувача правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr "Атрибут параметрів правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
"Атрибут користувача, від імені якого виконуватиметься запуск, правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr "Атрибут групи, від імені якої виконуватиметься запуск, правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr "Атрибут граничного часу початку дії правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr "Атрибут граничного часу завершення дії правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr "Атрибут порядку правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr "Клас об’єктів для карт автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr "Атрибут назви карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr "Клас об’єктів для записів карт автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr "Атрибут ключа запису карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr "Атрибут значення запису карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr "Базовий сервер назв домену для пошуків карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "Відокремлений комами список дозволених користувачів"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "Відокремлений комами список заборонених користувачів"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "Типова оболонка, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr "Базова адреса домашніх каталогів"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "Назва бібліотеки NSS, яку слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
"Визначає, чи слід виконувати пошук канонічної назви групи у кеші, якщо це "
"можливо"
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "Стек PAM, який слід використовувати"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "Запуститися фонову службу (типова поведінка)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "Запустити у інтерактивному режимі (без фонової служби)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Вказати нетиповий файл налаштувань"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr "Вивести номер версії і завершити роботу"
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr "SSSD вже запущено\n"
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "Рівень зневаджування"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Додавати діагностичні часові позначки"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "Показувати мікросекунди у часових позначках"
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Дескриптор відкритого файла для запису журналів діагностики"
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr "Домен надання відомостей (обов’язковий)"
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr "У привілейованого сокета помилковий власник або права доступу."
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr "У відкритого сокета помилковий власник або права доступу."
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr "Некоректний формат повідомлення щодо реєстраційних даних сервера."
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr "SSSD запущено не від імені користувача root."
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr "Сталася помилка, але не вдалося знайти її опису."
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr "Неочікувана помилка під час пошуку опису помилки"
@@ -1220,10 +1235,10 @@ msgstr "Строк дії пароля вичерпано. Змініть ваш
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Рівень діагностики під час запуску"
@@ -1233,10 +1248,10 @@ msgid "The SSSD domain to use"
msgstr "Домен SSSD, який слід використовувати"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "Помилка під час спроби встановити локаль\n"
@@ -1315,22 +1330,22 @@ msgid "Specify user to add\n"
msgstr "Вкажіть користувача, запис якого слід додати\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Помилка ініціалізації інструментів: немає локального домену\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Помилка ініціалізації інструментів\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "У FQDN вказано некоректний домен\n"
@@ -1351,7 +1366,7 @@ msgstr "Групи мають належати до того самого дом
msgid "Cannot find group %1$s in local domain\n"
msgstr "Не вдалося знайти групу %1$s у локальному домені\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "Не вдалося встановити типові значення\n"
@@ -1360,7 +1375,7 @@ msgid "The selected UID is outside the allowed range\n"
msgstr ""
"Вибраний ідентифікатор користувача не належить до діапазону дозволених\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr "Не вдалося встановити контекст входу SELinux\n"
@@ -1423,16 +1438,24 @@ msgstr "Вже існує група з такою самою назвою аб
msgid "Transaction error. Could not add group.\n"
msgstr "Помилка під час виконання операції Не вдалося додати групу.\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "Вкажіть групу, яку слід вилучити\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr "Група %1$s не належить визначеному діапазону ідентифікаторів домену\n"
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
@@ -1440,7 +1463,7 @@ msgstr ""
"У локальному домені немає такої групи. Вилучення груп можливе лише у межах "
"локального домену.\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "Внутрішня помилка. Не вдалося вилучити запис групи.\n"
@@ -1483,41 +1506,41 @@ msgstr ""
"Не вдалося знайти групу %1$s у локальному домені, можна використовувати лише "
"групи з локального домену\n"
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
"Не вдалося змінити запис групи. Перевірте, чи правильно вказано назви груп-"
"учасників\n"
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr ""
"Не вдалося змінити запис групи. Перевірте, чи правильно вказано назву групи\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "Помилка під час виконання операції Не вдалося змінити групу.\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr "%1$s%2$sГрупа: %3$s\n"
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "Магічна приватна "
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr "%1$sНомер GID: %2$d\n"
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr "%1$sКористувачі-учасники: "
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
@@ -1526,7 +1549,7 @@ msgstr ""
"\n"
"%1$sє учасником: "
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
@@ -1535,15 +1558,15 @@ msgstr ""
"\n"
"%1$sГрупи-учасники: "
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "Виводити дані щодо непрямих учасників групи рекурсивно"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "Вкажіть групу, дані якої слід показати\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
@@ -1551,78 +1574,78 @@ msgstr ""
"У локальному домені немає такої групи. Вивід даних груп можливий лише у "
"межах локального домену.\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "Внутрішня помилка. Не вдалося вивести дані групи.\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr "Вилучити домашній каталог і поштовий буфер"
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr "Не вилучати домашній каталог і поштовий буфер"
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "Примусово вилучити файли, які не належать користувачеві"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr "Припинити роботу процесів користувача перед вилученням його запису"
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "Вкажіть користувача, запис якого слід вилучити\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
"Користувач %1$s не належить визначеному діапазону ідентифікаторів домену\n"
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr "Не вдалося відновити початковий контекст входу SELinux\n"
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"ПОПЕРЕДЖЕННЯ: користувач (uid %1$lu) все ще працював у системі на час "
"вилучення його запису.\n"
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"Не вдалося визначити, чи увійшов користувач до системи на цій платформі"
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr "Помилка під час перевірки входу користувача до системи\n"
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "Помилка команди, яку слід було виконати після вилучення запису: %1$s\n"
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr "Домашній каталог не буде вилучено. Він не належить користувачеві.\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Не вдалося вилучити домашній каталог: %1$s\n"
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"У локальному домені немає такого користувача. Вилучення користувачів можливе "
"лише у межах локального домену.\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "Внутрішня помилка Не вдалося вилучити запис користувача.\n"
@@ -1658,101 +1681,101 @@ msgstr ""
"Не вдалося знайти користувача у локальному домені. Зміну записів "
"користувачів можна виконувати лише у межах локального домену\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr ""
"Не вдалося змінити запис користувача. Перевірте, чи правильно вказано назви "
"груп\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr ""
"Не вдалося змінити запис користувача. Користувач вже є учасником груп?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr ""
"Помилка під час виконання операції. Не вдалося змінити запис користувача.\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr "Вказаному критерію пошуку не відповідає жоден об’єкт у кеші\n"
-#: src/tools/sss_cache.c:201
-#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+#: src/tools/sss_cache.c:325
+#, fuzzy, c-format
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr "Немає %1$s з назвою %2$s, пропускаємо\n"
-#: src/tools/sss_cache.c:204
-#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+#: src/tools/sss_cache.c:328
+#, fuzzy, c-format
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr "У кеші немає об’єктів типу %1$s, пропускаємо\n"
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Не вдалося скасувати визначення %1$s"
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Не вдалося скасувати визначення %1$s %2$s"
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr "Скасувати визначення певного користувача"
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr "Скасувати визначення всіх користувачів"
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr "Скасувати визначення певної групи"
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr "Скасувати визначення всіх груп"
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr "Скасувати визначення певної мережевої групи"
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr "Скасувати визначення всіх мережевих груп"
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr "Скасувати визначення певної служби"
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr "Скасувати визначення всіх служб"
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr "Скасувати визначення певну карту autofs"
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr "Скасувати визначення всіх карт autofs"
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr "Скасувати визначення лише записів з певного домену"
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
"Будь ласка, виберіть принаймні один об’єкт для скасовування відповідності\n"
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr "Не вдалося відкрити домен %1$s\n"
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr "Не вдалося відкрити доступні домени\n"
@@ -1764,7 +1787,16 @@ msgstr "\n"
msgid "Specify debug level you want to set\n"
msgstr "Вкажіть рівень діагностики, який ви бажаєте встановити\n"
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "Не вистачає пам'яті\n"
@@ -1773,6 +1805,9 @@ msgstr "Не вистачає пам'яті\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s слід запускати від імені користувача root\n"
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "Надіслати діагностичні дані до файлів, а не до stderr"
+
+#~ msgid "SSSD is already running\n"
+#~ msgstr "SSSD вже запущено\n"
diff --git a/po/zh_CN.po b/po/zh_CN.po
new file mode 100644
index 000000000..db6ba4d9a
--- /dev/null
+++ b/po/zh_CN.po
@@ -0,0 +1,1696 @@
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR Red Hat, Inc.
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Translators:
+# Christopher Meng <cickumqt@gmail.com>, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: SSSD\n"
+"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
+"PO-Revision-Date: 2012-12-24 06:37+0000\n"
+"Last-Translator: Christopher Meng <cickumqt@gmail.com>\n"
+"Language-Team: Chinese (China) <trans-zh_cn@lists.fedoraproject.org>\n"
+"Language: zh_CN\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#: src/config/SSSDConfig/__init__.py.in:39
+msgid "Set the verbosity of the debug logging"
+msgstr "设定调试日志记录等级"
+
+#: src/config/SSSDConfig/__init__.py.in:40
+msgid "Include timestamps in debug logs"
+msgstr "在调试日志中包含时间戳"
+
+#: src/config/SSSDConfig/__init__.py.in:41
+msgid "Include microseconds in timestamps in debug logs"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:42
+msgid "Write debug messages to logfiles"
+msgstr "写入调试信息到日志文件"
+
+#: src/config/SSSDConfig/__init__.py.in:43
+msgid "Ping timeout before restarting service"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:44
+msgid ""
+"Timeout between three failed ping checks and forcibly killing the service"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:45
+msgid "Command to start service"
+msgstr "启动服务命令"
+
+#: src/config/SSSDConfig/__init__.py.in:46
+msgid "Number of times to attempt connection to Data Providers"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:47
+msgid "The number of file descriptors that may be opened by this responder"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:48
+msgid "Idle time before automatic disconnection of a client"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:51
+msgid "SSSD Services to start"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:52
+msgid "SSSD Domains to start"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:53
+msgid "Timeout for messages sent over the SBUS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:54
+msgid "Regex to parse username and domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:55
+msgid "Printf-compatible format for displaying fully-qualified names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:56
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:57
+msgid "Domain to add to names without a domain component."
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:60
+msgid "Enumeration cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:61
+msgid "Entry cache background update timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:62
+#: src/config/SSSDConfig/__init__.py.in:88
+msgid "Negative cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:63
+msgid "Users that SSSD should explicitly ignore"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:64
+msgid "Groups that SSSD should explicitly ignore"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:65
+msgid "Should filtered users appear in groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:66
+msgid "The value of the password field the NSS provider should return"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:67
+msgid "Override homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:68
+msgid ""
+"Substitute empty homedir value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:69
+msgid "Override shell value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:70
+msgid "The list of shells users are allowed to log in with"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:71
+msgid ""
+"The list of shells that will be vetoed, and replaced with the fallback shell"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:72
+msgid ""
+"If a shell stored in central directory is allowed but not available, use "
+"this fallback"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:73
+msgid "Shell to use if the provider does not list one"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:74
+msgid "How long will be in-memory cache records valid"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:77
+msgid "How long to allow cached logins between online logins (days)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:78
+msgid "How many failed logins attempts are allowed when offline"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:79
+msgid ""
+"How long (minutes) to deny login after offline_failed_login_attempts has "
+"been reached"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:80
+msgid "What kind of messages are displayed to the user during authentication"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:81
+msgid "How many seconds to keep identity information cached for PAM requests"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:82
+msgid "How many days before password expiration a warning should be displayed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:85
+msgid "Whether to evaluate the time-based attributes in sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:91
+msgid "Whether to hash host names and addresses in the known_hosts file"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:92
+msgid ""
+"How many seconds to keep a host in the known_hosts file after its host keys "
+"were requested"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:95
+msgid "List of UIDs or user names allowed to access the PAC responder"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:98
+msgid "Identity provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:99
+msgid "Authentication provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:100
+msgid "Access control provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:101
+msgid "Password change provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:102
+msgid "SUDO provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:103
+msgid "Autofs provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:104
+msgid "Session-loading provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:105
+msgid "Host identity provider"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:108
+msgid "Minimum user ID"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:109
+msgid "Maximum user ID"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:110
+msgid "Enable enumerating all users/groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:111
+msgid "Cache credentials for offline login"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:112
+msgid "Store password hashes"
+msgstr "保存密码哈希值"
+
+#: src/config/SSSDConfig/__init__.py.in:113
+msgid "Display users/groups in fully-qualified form"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:114
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:122
+#: src/config/SSSDConfig/__init__.py.in:123
+#: src/config/SSSDConfig/__init__.py.in:124
+#: src/config/SSSDConfig/__init__.py.in:125
+#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
+msgid "Entry cache timeout length (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:116
+msgid ""
+"Restrict or prefer a specific address family when performing DNS lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:117
+msgid "How long to keep cached entries after last successful login (days)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:118
+msgid "How long to wait for replies from DNS when resolving servers (seconds)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:119
+msgid "The domain part of service discovery DNS query"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:120
+msgid "Override GID value from the identity provider with this value"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Treat usernames as case sensitive"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:130
+msgid "IPA domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:131
+msgid "IPA server address"
+msgstr "IPA 服务器地址"
+
+#: src/config/SSSDConfig/__init__.py.in:132
+msgid "Address of backup IPA server"
+msgstr "IPA 备份服务器地址"
+
+#: src/config/SSSDConfig/__init__.py.in:133
+msgid "IPA client hostname"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether to automatically update the client's DNS entry in FreeIPA"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
+msgid "The interface whose IP should be used for dynamic DNS updates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:137
+msgid "Search base for HBAC related objects"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:138
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
+msgid "If DENY rules are present, either DENY_ALL or IGNORE"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:141
+msgid "If set to false, host argument given by PAM will be ignored"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:142
+msgid "The automounter location this IPA client is using"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:143
+msgid "Search base for object containing info about IPA domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "Search base for objects containing info about ID ranges"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:147
+msgid "Active Directory domain"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:148
+msgid "Active Directory server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:149
+msgid "Active Directory backup server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:150
+msgid "Active Directory client hostname"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
+msgid "Kerberos server address"
+msgstr "Kerberos 服务器地址"
+
+#: src/config/SSSDConfig/__init__.py.in:155
+msgid "Kerberos backup server address"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:156
+msgid "Kerberos realm"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:157
+msgid "Authentication timeout"
+msgstr "验证超时"
+
+#: src/config/SSSDConfig/__init__.py.in:160
+msgid "Directory to store credential caches"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:161
+msgid "Location of the user's credential cache"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:162
+msgid "Location of the keytab to validate credentials"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:163
+msgid "Enable credential validation"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:164
+msgid "Store password if offline for later online authentication"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:165
+msgid "Renewable lifetime of the TGT"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:166
+msgid "Lifetime of the TGT"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:167
+msgid "Time between two checks for renewal"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Enables FAST"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:169
+msgid "Selects the principal to use for FAST"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:170
+msgid "Enables principal canonicalization"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
+msgid "Server where the change password service is running if not on the KDC"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:177
+msgid "ldap_uri, The URI of the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:178
+msgid "ldap_backup_uri, The URI of the LDAP server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:179
+msgid "The default base DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:180
+msgid "The Schema Type in use on the LDAP server, rfc2307"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:181
+msgid "The default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:182
+msgid "The type of the authentication token of the default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:183
+msgid "The authentication token of the default bind DN"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:184
+msgid "Length of time to attempt connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:185
+msgid "Length of time to attempt synchronous LDAP operations"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:186
+msgid "Length of time between attempts to reconnect while offline"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:187
+msgid "Use only the upper case for realm names"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:188
+msgid "File that contains CA certificates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:189
+msgid "Path to CA certificate directory"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:190
+msgid "File that contains the client certificate"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:191
+msgid "File that contains the client key"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:192
+msgid "List of possible ciphers suites"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:193
+msgid "Require TLS certificate verification"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:194
+msgid "Specify the sasl mechanism to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:195
+msgid "Specify the sasl authorization id to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:196
+msgid "Specify the sasl authorization realm to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:197
+msgid "Specify the minimal SSF for LDAP sasl authorization"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:198
+msgid "Kerberos service keytab"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:199
+msgid "Use Kerberos auth for LDAP connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:200
+msgid "Follow LDAP referrals"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:201
+msgid "Lifetime of TGT for LDAP connection"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:202
+msgid "How to dereference aliases"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:203
+msgid "Service name for DNS service lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:204
+msgid "The number of records to retrieve in a single LDAP query"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:205
+msgid "The number of members that must be missing to trigger a full deref"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:206
+msgid ""
+"Whether the LDAP library should perform a reverse lookup to canonicalize the "
+"host name during a SASL bind"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:208
+msgid "entryUSN attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:209
+msgid "lastUSN attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:211
+msgid "How long to retain a connection to the LDAP server before disconnecting"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:213
+msgid "Disable the LDAP paging control"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:216
+msgid "Length of time to wait for a search request"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:217
+msgid "Length of time to wait for a enumeration request"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:218
+msgid "Length of time between enumeration updates"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:219
+msgid "Length of time between cache cleanups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:220
+msgid "Require TLS for ID lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:221
+msgid "Use ID-mapping of objectSID instead of pre-set IDs"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:222
+msgid "Base DN for user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:223
+msgid "Scope of user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:224
+msgid "Filter for user lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:225
+msgid "Objectclass for users"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Username attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:228
+msgid "UID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
+msgid "Primary GID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:230
+msgid "GECOS attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:231
+msgid "Home directory attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:232
+msgid "Shell attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:233
+msgid "UUID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
+msgid "objectSID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:235
+msgid "Active Directory primary group attribute for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:236
+msgid "User principal attribute (for Kerberos)"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:237
+msgid "Full Name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:238
+msgid "memberOf attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:239
+msgid "Modification time attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:241
+msgid "shadowLastChange attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:242
+msgid "shadowMin attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:243
+msgid "shadowMax attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:244
+msgid "shadowWarning attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:245
+msgid "shadowInactive attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:246
+msgid "shadowExpire attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:247
+msgid "shadowFlag attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:248
+msgid "Attribute listing authorized PAM services"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:249
+msgid "Attribute listing authorized server hosts"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:250
+msgid "krbLastPwdChange attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:251
+msgid "krbPasswordExpiration attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:252
+msgid "Attribute indicating that server side password policies are active"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:253
+msgid "accountExpires attribute of AD"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:254
+msgid "userAccountControl attribute of AD"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:255
+msgid "nsAccountLock attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:256
+msgid "loginDisabled attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:257
+msgid "loginExpirationTime attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:258
+msgid "loginAllowedTimeMap attribute of NDS"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:259
+msgid "SSH public key attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:261
+msgid "Base DN for group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:264
+msgid "Objectclass for groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:265
+msgid "Group name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:266
+msgid "Group password"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:267
+msgid "GID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:268
+msgid "Group member attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:269
+msgid "Group UUID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:271
+msgid "Modification time attribute for groups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:273
+msgid "Maximum nesting level SSSd will follow"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:275
+msgid "Base DN for netgroup lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:276
+msgid "Objectclass for netgroups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:277
+msgid "Netgroup name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:278
+msgid "Netgroups members attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:279
+msgid "Netgroup triple attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:280
+msgid "Netgroup UUID attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:281
+msgid "Modification time attribute for netgroups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:283
+msgid "Base DN for service lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:284
+msgid "Objectclass for services"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:285
+msgid "Service name attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:286
+msgid "Service port attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:287
+msgid "Service protocol attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:290
+msgid "Lower bound for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:291
+msgid "Upper bound for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:292
+msgid "Number of IDs for each slice when ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:293
+msgid "Use autorid-compatible algorithm for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:294
+msgid "Name of the default domain for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:295
+msgid "SID of the default domain for ID-mapping"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:297
+msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:298
+msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:301
+msgid "Policy to evaluate the password expiration"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:304
+msgid "LDAP filter to determine access privileges"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:305
+msgid "Which attributes shall be used to evaluate if an account is expired"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:306
+msgid "Which rules should be used to evaluate access control"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:309
+msgid "URI of an LDAP server where password changes are allowed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:310
+msgid "URI of a backup LDAP server where password changes are allowed"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:311
+msgid "DNS service name for LDAP password change server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:312
+msgid ""
+"Whether to update the ldap_user_shadow_last_change attribute after a "
+"password change"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:315
+msgid "Base DN for sudo rules lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:316
+msgid "Automatic full refresh period"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:317
+msgid "Automatic smart refresh period"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:318
+msgid "Whether to filter rules by hostname, IP addresses and network"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:319
+msgid ""
+"Hostnames and/or fully qualified domain names of this machine to filter sudo "
+"rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:320
+msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:321
+msgid "Whether to include rules that contains netgroup in host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:322
+msgid ""
+"Whether to include rules that contains regular expression in host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:323
+msgid "Object class for sudo rules"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:324
+msgid "Sudo rule name"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:325
+msgid "Sudo rule command attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:326
+msgid "Sudo rule host attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:327
+msgid "Sudo rule user attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:328
+msgid "Sudo rule option attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:329
+msgid "Sudo rule runasuser attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:330
+msgid "Sudo rule runasgroup attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:331
+msgid "Sudo rule notbefore attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:332
+msgid "Sudo rule notafter attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:333
+msgid "Sudo rule order attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:336
+msgid "Object class for automounter maps"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:337
+msgid "Automounter map name attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:338
+msgid "Object class for automounter map entries"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:339
+msgid "Automounter map entry key attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:340
+msgid "Automounter map entry value attribute"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:341
+msgid "Base DN for automounter map lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:344
+msgid "Comma separated list of allowed users"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:345
+msgid "Comma separated list of prohibited users"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:348
+msgid "Default shell, /bin/bash"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:349
+msgid "Base for home directories"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:352
+msgid "The name of the NSS library to use"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:353
+msgid "Whether to look up canonical group name from cache if possible"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:356
+msgid "PAM stack to use"
+msgstr ""
+
+#: src/monitor/monitor.c:2646
+msgid "Become a daemon (default)"
+msgstr ""
+
+#: src/monitor/monitor.c:2648
+msgid "Run interactive (not a daemon)"
+msgstr ""
+
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
+msgid "Specify a non-default config file"
+msgstr ""
+
+#: src/monitor/monitor.c:2652
+msgid "Print version number and exit"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
+msgid "Debug level"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
+msgid "Add debug timestamps"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
+msgid "Show timestamps with microseconds"
+msgstr ""
+
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
+msgid "An open file descriptor for the debug logs"
+msgstr ""
+
+#: src/providers/data_provider_be.c:2704
+msgid "Domain of the information provider (mandatory)"
+msgstr ""
+
+#: src/sss_client/common.c:946
+msgid "Privileged socket has wrong ownership or permissions."
+msgstr ""
+
+#: src/sss_client/common.c:949
+msgid "Public socket has wrong ownership or permissions."
+msgstr ""
+
+#: src/sss_client/common.c:952
+msgid "Unexpected format of the server credential message."
+msgstr ""
+
+#: src/sss_client/common.c:955
+msgid "SSSD is not run by root."
+msgstr ""
+
+#: src/sss_client/common.c:960
+msgid "An error occurred, but no description can be found."
+msgstr ""
+
+#: src/sss_client/common.c:966
+msgid "Unexpected error while looking for an error description"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:387
+msgid "Passwords do not match"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:575
+msgid "Password reset by root is not supported."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:616
+msgid "Authenticated with cached credentials"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:617
+msgid ", your cached password will expire at: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:647
+#, c-format
+msgid "Your password has expired. You have %1$d grace login(s) remaining."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:693
+#, c-format
+msgid "Your password will expire in %1$d %2$s."
+msgstr ""
+
+#: src/sss_client/pam_sss.c:742
+msgid "Authentication is denied until: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:763
+msgid "System is offline, password change not possible"
+msgstr ""
+
+#: src/sss_client/pam_sss.c:793 src/sss_client/pam_sss.c:806
+msgid "Password change failed. "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:796 src/sss_client/pam_sss.c:807
+msgid "Server message: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1231
+msgid "New Password: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1232
+msgid "Reenter new Password: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1318
+msgid "Password: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1350
+msgid "Current Password: "
+msgstr ""
+
+#: src/sss_client/pam_sss.c:1497
+msgid "Password expired. Change your password now."
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
+msgid "The debug level to run with"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:42
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:196
+msgid "The SSSD domain to use"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
+msgid "Error setting the locale\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+msgid "Not enough memory\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+msgid "User not specified\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+msgid "Error looking up public keys\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:194
+msgid "The port to use to connect to the host"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:238
+msgid "Invalid port\n"
+msgstr "无效端口\n"
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:243
+msgid "Host not specified\n"
+msgstr ""
+
+#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:249
+msgid "The path to the proxy command must be absolute\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:49 src/tools/sss_usermod.c:48
+msgid "The UID of the user"
+msgstr ""
+
+#: src/tools/sss_useradd.c:50 src/tools/sss_usermod.c:50
+msgid "The comment string"
+msgstr ""
+
+#: src/tools/sss_useradd.c:51 src/tools/sss_usermod.c:51
+msgid "Home directory"
+msgstr ""
+
+#: src/tools/sss_useradd.c:52 src/tools/sss_usermod.c:52
+msgid "Login shell"
+msgstr ""
+
+#: src/tools/sss_useradd.c:53
+msgid "Groups"
+msgstr ""
+
+#: src/tools/sss_useradd.c:54
+msgid "Create user's directory if it does not exist"
+msgstr ""
+
+#: src/tools/sss_useradd.c:55
+msgid "Never create user's directory, overrides config"
+msgstr ""
+
+#: src/tools/sss_useradd.c:56
+msgid "Specify an alternative skeleton directory"
+msgstr ""
+
+#: src/tools/sss_useradd.c:57 src/tools/sss_usermod.c:57
+msgid "The SELinux user for user's login"
+msgstr ""
+
+#: src/tools/sss_useradd.c:86 src/tools/sss_groupmod.c:78
+#: src/tools/sss_usermod.c:87
+msgid "Specify group to add to\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:110
+msgid "Specify user to add\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_usermod.c:128
+msgid "Error initializing the tools - no local domain\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_usermod.c:130
+msgid "Error initializing the tools\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_usermod.c:139
+msgid "Invalid domain specified in FQDN\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:139 src/tools/sss_groupmod.c:141
+#: src/tools/sss_groupmod.c:168 src/tools/sss_usermod.c:162
+#: src/tools/sss_usermod.c:189
+msgid "Internal error while parsing parameters\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:147 src/tools/sss_usermod.c:170
+#: src/tools/sss_usermod.c:197
+msgid "Groups must be in the same domain as user\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:155
+#, c-format
+msgid "Cannot find group %1$s in local domain\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+msgid "Cannot set default values\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:177 src/tools/sss_usermod.c:153
+msgid "The selected UID is outside the allowed range\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
+msgid "Cannot set SELinux login context\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:221
+msgid "Cannot get info about the user\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:233
+msgid "User's home directory already exists, not copying data from skeldir\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:236
+#, c-format
+msgid "Cannot create user's home directory: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:247
+#, c-format
+msgid "Cannot create user's mail spool: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:266
+msgid "Could not allocate ID for the user - domain full?\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:270
+msgid "A user or group with the same name or ID already exists\n"
+msgstr ""
+
+#: src/tools/sss_useradd.c:276
+msgid "Transaction error. Could not add user.\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:43 src/tools/sss_groupmod.c:48
+msgid "The GID of the group"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:75
+msgid "Specify group to add\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:104 src/tools/sss_groupmod.c:192
+msgid "The selected GID is outside the allowed range\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:141
+msgid "Could not allocate ID for the group - domain full?\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:145
+msgid "A group with the same name or GID already exists\n"
+msgstr ""
+
+#: src/tools/sss_groupadd.c:150
+msgid "Transaction error. Could not add group.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:69
+msgid "Specify group to delete\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:102
+#, c-format
+msgid "Group %1$s is outside the defined ID range for domain\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
+msgid ""
+"No such group in local domain. Removing groups only allowed in local "
+"domain.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:134
+msgid "Internal error. Could not remove group.\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:44
+msgid "Groups to add this group to"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:46
+msgid "Groups to remove this group from"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:86 src/tools/sss_usermod.c:95
+msgid "Specify group to remove from\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:100
+msgid "Specify group to modify\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:128
+msgid ""
+"Cannot find group in local domain, modifying groups is allowed only in local "
+"domain\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:149 src/tools/sss_groupmod.c:176
+msgid "Member groups must be in the same domain as parent group\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:157 src/tools/sss_groupmod.c:184
+#: src/tools/sss_usermod.c:178 src/tools/sss_usermod.c:205
+#, c-format
+msgid ""
+"Cannot find group %1$s in local domain, only groups in local domain are "
+"allowed\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:250
+msgid "Could not modify group - check if member group names are correct\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:254
+msgid "Could not modify group - check if groupname is correct\n"
+msgstr ""
+
+#: src/tools/sss_groupmod.c:258
+msgid "Transaction error. Could not modify group.\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:599
+#, c-format
+msgid "%1$s%2$sGroup: %3$s\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:600
+msgid "Magic Private "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:602
+#, c-format
+msgid "%1$sGID number: %2$d\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:604
+#, c-format
+msgid "%1$sMember users: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:611
+#, c-format
+msgid ""
+"\n"
+"%1$sIs a member of: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:618
+#, c-format
+msgid ""
+"\n"
+"%1$sMember groups: "
+msgstr ""
+
+#: src/tools/sss_groupshow.c:654
+msgid "Print indirect group members recursively"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:687
+msgid "Specify group to show\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:726
+msgid ""
+"No such group in local domain. Printing groups only allowed in local "
+"domain.\n"
+msgstr ""
+
+#: src/tools/sss_groupshow.c:731
+msgid "Internal error. Could not print group.\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:134
+msgid "Remove home directory and mail spool"
+msgstr ""
+
+#: src/tools/sss_userdel.c:136
+msgid "Do not remove home directory and mail spool"
+msgstr ""
+
+#: src/tools/sss_userdel.c:138
+msgid "Force removal of files not owned by the user"
+msgstr ""
+
+#: src/tools/sss_userdel.c:140
+msgid "Kill users' processes before removing him"
+msgstr ""
+
+#: src/tools/sss_userdel.c:185
+msgid "Specify user to delete\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:231
+#, c-format
+msgid "User %1$s is outside the defined ID range for domain\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:256
+msgid "Cannot reset SELinux login context\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:268
+#, c-format
+msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:273
+msgid "Cannot determine if the user was logged in on this platform"
+msgstr ""
+
+#: src/tools/sss_userdel.c:278
+msgid "Error while checking if the user was logged in\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:285
+#, c-format
+msgid "The post-delete command failed: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:305
+msgid "Not removing home dir - not owned by user\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:307
+#, c-format
+msgid "Cannot remove homedir: %1$s\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:320
+msgid ""
+"No such user in local domain. Removing users only allowed in local domain.\n"
+msgstr ""
+
+#: src/tools/sss_userdel.c:325
+msgid "Internal error. Could not remove user.\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:49
+msgid "The GID of the user"
+msgstr ""
+
+#: src/tools/sss_usermod.c:53
+msgid "Groups to add this user to"
+msgstr ""
+
+#: src/tools/sss_usermod.c:54
+msgid "Groups to remove this user from"
+msgstr ""
+
+#: src/tools/sss_usermod.c:55
+msgid "Lock the account"
+msgstr ""
+
+#: src/tools/sss_usermod.c:56
+msgid "Unlock the account"
+msgstr ""
+
+#: src/tools/sss_usermod.c:119
+msgid "Specify user to modify\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:146
+msgid ""
+"Cannot find user in local domain, modifying users is allowed only in local "
+"domain\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:281
+msgid "Could not modify user - check if group names are correct\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:285
+msgid "Could not modify user - user already member of groups?\n"
+msgstr ""
+
+#: src/tools/sss_usermod.c:289
+msgid "Transaction error. Could not modify user.\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:144
+msgid "No cache object matched the specified search\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:325
+#, c-format
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:328
+#, c-format
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:340
+#, c-format
+msgid "Couldn't invalidate %1$s"
+msgstr ""
+
+#: src/tools/sss_cache.c:347
+#, c-format
+msgid "Couldn't invalidate %1$s %2$s"
+msgstr ""
+
+#: src/tools/sss_cache.c:470
+msgid "Invalidate particular user"
+msgstr ""
+
+#: src/tools/sss_cache.c:472
+msgid "Invalidate all users"
+msgstr ""
+
+#: src/tools/sss_cache.c:474
+msgid "Invalidate particular group"
+msgstr ""
+
+#: src/tools/sss_cache.c:476
+msgid "Invalidate all groups"
+msgstr ""
+
+#: src/tools/sss_cache.c:478
+msgid "Invalidate particular netgroup"
+msgstr ""
+
+#: src/tools/sss_cache.c:480
+msgid "Invalidate all netgroups"
+msgstr ""
+
+#: src/tools/sss_cache.c:482
+msgid "Invalidate particular service"
+msgstr ""
+
+#: src/tools/sss_cache.c:484
+msgid "Invalidate all services"
+msgstr ""
+
+#: src/tools/sss_cache.c:487
+msgid "Invalidate particular autofs map"
+msgstr ""
+
+#: src/tools/sss_cache.c:489
+msgid "Invalidate all autofs maps"
+msgstr ""
+
+#: src/tools/sss_cache.c:492
+msgid "Only invalidate entries from a particular domain"
+msgstr ""
+
+#: src/tools/sss_cache.c:534
+msgid "Please select at least one object to invalidate\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:604
+#, c-format
+msgid "Could not open domain %1$s\n"
+msgstr ""
+
+#: src/tools/sss_cache.c:606
+msgid "Could not open available domains\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:40
+msgid "\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:96
+msgid "Specify debug level you want to set\n"
+msgstr ""
+
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
+msgid "Out of memory\n"
+msgstr ""
+
+#: src/tools/tools_util.h:43
+#, c-format
+msgid "%1$s must be run as root\n"
+msgstr ""
+
+#: src/util/util.h:93
+msgid "Send the debug output to files instead of stderr"
+msgstr ""
+
+#~ msgid "SSSD is already running\n"
+#~ msgstr "SSSD 已经运行\n"
diff --git a/po/zh_TW.po b/po/zh_TW.po
index 5a9bf9bbd..02f3246ae 100644
--- a/po/zh_TW.po
+++ b/po/zh_TW.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2012-10-12 21:15+0200\n"
+"POT-Creation-Date: 2013-04-02 18:28+0200\n"
"PO-Revision-Date: 2012-10-05 17:31+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Chinese (Taiwan) <trans-zh_TW@lists.fedoraproject.org>\n"
@@ -254,827 +254,837 @@ msgid "Display users/groups in fully-qualified form"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:114
-#: src/config/SSSDConfig/__init__.py.in:121
+msgid "Don't include group members in group lookups"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:115
#: src/config/SSSDConfig/__init__.py.in:122
#: src/config/SSSDConfig/__init__.py.in:123
#: src/config/SSSDConfig/__init__.py.in:124
#: src/config/SSSDConfig/__init__.py.in:125
#: src/config/SSSDConfig/__init__.py.in:126
+#: src/config/SSSDConfig/__init__.py.in:127
msgid "Entry cache timeout length (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:115
+#: src/config/SSSDConfig/__init__.py.in:116
msgid ""
"Restrict or prefer a specific address family when performing DNS lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:116
+#: src/config/SSSDConfig/__init__.py.in:117
msgid "How long to keep cached entries after last successful login (days)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:117
+#: src/config/SSSDConfig/__init__.py.in:118
msgid "How long to wait for replies from DNS when resolving servers (seconds)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:118
+#: src/config/SSSDConfig/__init__.py.in:119
msgid "The domain part of service discovery DNS query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:119
+#: src/config/SSSDConfig/__init__.py.in:120
msgid "Override GID value from the identity provider with this value"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:120
+#: src/config/SSSDConfig/__init__.py.in:121
msgid "Treat usernames as case sensitive"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:130
msgid "IPA domain"
msgstr "IPA 網域"
-#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:131
msgid "IPA server address"
msgstr "IPA 伺服器位址"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "IPA client hostname"
msgstr "IPA 客戶端主機名稱"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:135
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:136
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:135
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:136
+#: src/config/SSSDConfig/__init__.py.in:138
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:139
+msgid ""
+"The amount of time in seconds between lookups of the SELinux maps against "
+"the IPA server"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:154
msgid "Kerberos server address"
msgstr "Kerberos 伺服器位址"
-#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Authentication timeout"
msgstr "認證逾時"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Directory to store credential caches"
msgstr "儲存憑證快取的目錄"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:161
msgid "Location of the user's credential cache"
msgstr "使用者憑證快取的位置"
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:162
msgid "Location of the keytab to validate credentials"
msgstr "驗證憑證用的金鑰表格位置"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Enable credential validation"
msgstr "啟用憑證驗證"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:168
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:183
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:185
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "Require TLS certificate verification"
msgstr "需要 TLS 憑證驗證"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Specify the sasl mechanism to use"
msgstr "指定要使用的 sasl 機制"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Specify the sasl authorization id to use"
msgstr "指定要使用的 sasl 認證 id"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:206
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Disable the LDAP paging control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "Length of time to wait for a search request"
msgstr "搜尋請求的等候時間長度"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:222
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:224
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Full Name"
msgstr "全名"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:273
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:272
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:282
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Policy to evaluate the password expiration"
msgstr "評估密碼過期時效的策略"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:309
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:312
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:313
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Comma separated list of allowed users"
msgstr "許可的使用者清單,請使用半形逗號作為分隔"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Comma separated list of prohibited users"
msgstr "被禁止的使用者清單,請使用半形逗號作為分隔"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Default shell, /bin/bash"
msgstr "預設 shell,/bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "The name of the NSS library to use"
msgstr "要使用的 NSS 函式庫名稱"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:356
msgid "PAM stack to use"
msgstr "要使用的 PAM 堆疊"
-#: src/monitor/monitor.c:2476
+#: src/monitor/monitor.c:2646
msgid "Become a daemon (default)"
msgstr "作為幕後程式 (預設)"
-#: src/monitor/monitor.c:2478
+#: src/monitor/monitor.c:2648
msgid "Run interactive (not a daemon)"
msgstr "以互動方式執行 (非幕後程式)"
-#: src/monitor/monitor.c:2480 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "指定非預設的配置檔"
-#: src/monitor/monitor.c:2482
+#: src/monitor/monitor.c:2652
msgid "Print version number and exit"
msgstr ""
-#: src/monitor/monitor.c:2599
-msgid "SSSD is already running\n"
-msgstr ""
-
-#: src/providers/krb5/krb5_child.c:1894 src/providers/ldap/ldap_child.c:432
-#: src/util/util.h:94
+#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/util/util.h:91
msgid "Debug level"
msgstr "除錯層級"
-#: src/providers/krb5/krb5_child.c:1896 src/providers/ldap/ldap_child.c:434
-#: src/util/util.h:98
+#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "加入除錯時間戳記"
-#: src/providers/krb5/krb5_child.c:1898 src/providers/ldap/ldap_child.c:436
-#: src/util/util.h:100
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr ""
-#: src/providers/krb5/krb5_child.c:1900 src/providers/ldap/ldap_child.c:438
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2365
+#: src/providers/data_provider_be.c:2704
msgid "Domain of the information provider (mandatory)"
msgstr ""
-#: src/sss_client/common.c:947
+#: src/sss_client/common.c:946
msgid "Privileged socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:950
+#: src/sss_client/common.c:949
msgid "Public socket has wrong ownership or permissions."
msgstr ""
-#: src/sss_client/common.c:953
+#: src/sss_client/common.c:952
msgid "Unexpected format of the server credential message."
msgstr ""
-#: src/sss_client/common.c:956
+#: src/sss_client/common.c:955
msgid "SSSD is not run by root."
msgstr ""
-#: src/sss_client/common.c:961
+#: src/sss_client/common.c:960
msgid "An error occurred, but no description can be found."
msgstr ""
-#: src/sss_client/common.c:967
+#: src/sss_client/common.c:966
msgid "Unexpected error while looking for an error description"
msgstr ""
@@ -1142,10 +1152,10 @@ msgstr "密碼已過期。請立刻變更您的密碼。"
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:40
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
-#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:43
-#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:651
-#: src/tools/sss_userdel.c:131 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:350 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
+#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
+#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1155,10 +1165,10 @@ msgid "The SSSD domain to use"
msgstr ""
#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
-#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:52
-#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:662
-#: src/tools/sss_userdel.c:148 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:381
+#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
+#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
+#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:499
msgid "Error setting the locale\n"
msgstr "設定區域設置時發生錯誤\n"
@@ -1237,22 +1247,22 @@ msgid "Specify user to add\n"
msgstr "指定要加入的使用者\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
-#: src/tools/sss_groupdel.c:77 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:695 src/tools/sss_userdel.c:193
+#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "初始化工具時發生錯誤 - 沒有本機網域\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
-#: src/tools/sss_groupdel.c:79 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:697 src/tools/sss_userdel.c:195
+#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "初始化工具時發生錯誤\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
-#: src/tools/sss_groupdel.c:88 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:706 src/tools/sss_userdel.c:204
+#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "在 FQDN 內指定了無效的網域\n"
@@ -1273,7 +1283,7 @@ msgstr "群組必須位於與使用者相同的網域內\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:214
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
msgid "Cannot set default values\n"
msgstr "無法設定預設值\n"
@@ -1281,7 +1291,7 @@ msgstr "無法設定預設值\n"
msgid "The selected UID is outside the allowed range\n"
msgstr "所選的 UID 位於許可的範圍外\n"
-#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:243
+#: src/tools/sss_useradd.c:206 src/tools/sss_usermod.c:264
msgid "Cannot set SELinux login context\n"
msgstr ""
@@ -1339,22 +1349,30 @@ msgstr "已經存在相同名稱的群組或 GID\n"
msgid "Transaction error. Could not add group.\n"
msgstr "處理事項發生錯誤。無法加入群組。\n"
-#: src/tools/sss_groupdel.c:68
+#: src/tools/sss_groupdel.c:69
msgid "Specify group to delete\n"
msgstr "指定要刪除的群組\n"
-#: src/tools/sss_groupdel.c:101
+#: src/tools/sss_groupdel.c:102
#, c-format
msgid "Group %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_groupdel.c:115
+#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
+#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
+#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
+#, c-format
+msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
+msgstr ""
+
+#: src/tools/sss_groupdel.c:129
msgid ""
"No such group in local domain. Removing groups only allowed in local "
"domain.\n"
msgstr "在本機網域內沒有這樣的群組。只許可在本機網域內移除群組。\n"
-#: src/tools/sss_groupdel.c:120
+#: src/tools/sss_groupdel.c:134
msgid "Internal error. Could not remove group.\n"
msgstr "內部錯誤。無法移除群組。\n"
@@ -1392,131 +1410,131 @@ msgid ""
"allowed\n"
msgstr ""
-#: src/tools/sss_groupmod.c:229
+#: src/tools/sss_groupmod.c:250
msgid "Could not modify group - check if member group names are correct\n"
msgstr ""
-#: src/tools/sss_groupmod.c:233
+#: src/tools/sss_groupmod.c:254
msgid "Could not modify group - check if groupname is correct\n"
msgstr "無法修改群組 - 請檢查群組名稱是否正確\n"
-#: src/tools/sss_groupmod.c:237
+#: src/tools/sss_groupmod.c:258
msgid "Transaction error. Could not modify group.\n"
msgstr "處理事項發生錯誤。無法修改群組。\n"
-#: src/tools/sss_groupshow.c:598
+#: src/tools/sss_groupshow.c:599
#, c-format
msgid "%1$s%2$sGroup: %3$s\n"
msgstr ""
-#: src/tools/sss_groupshow.c:599
+#: src/tools/sss_groupshow.c:600
msgid "Magic Private "
msgstr "魔法隱私"
-#: src/tools/sss_groupshow.c:601
+#: src/tools/sss_groupshow.c:602
#, c-format
msgid "%1$sGID number: %2$d\n"
msgstr ""
-#: src/tools/sss_groupshow.c:603
+#: src/tools/sss_groupshow.c:604
#, c-format
msgid "%1$sMember users: "
msgstr ""
-#: src/tools/sss_groupshow.c:610
+#: src/tools/sss_groupshow.c:611
#, c-format
msgid ""
"\n"
"%1$sIs a member of: "
msgstr ""
-#: src/tools/sss_groupshow.c:617
+#: src/tools/sss_groupshow.c:618
#, c-format
msgid ""
"\n"
"%1$sMember groups: "
msgstr ""
-#: src/tools/sss_groupshow.c:653
+#: src/tools/sss_groupshow.c:654
msgid "Print indirect group members recursively"
msgstr "遞迴地列出間接的群組成員"
-#: src/tools/sss_groupshow.c:686
+#: src/tools/sss_groupshow.c:687
msgid "Specify group to show\n"
msgstr "指定要顯示的群組\n"
-#: src/tools/sss_groupshow.c:725
+#: src/tools/sss_groupshow.c:726
msgid ""
"No such group in local domain. Printing groups only allowed in local "
"domain.\n"
msgstr "本機網域內沒有這樣的群組。只許可在本機網域內列出群組。\n"
-#: src/tools/sss_groupshow.c:730
+#: src/tools/sss_groupshow.c:731
msgid "Internal error. Could not print group.\n"
msgstr "內部錯誤。無法列出群組。\n"
-#: src/tools/sss_userdel.c:133
+#: src/tools/sss_userdel.c:134
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:135
+#: src/tools/sss_userdel.c:136
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:137
+#: src/tools/sss_userdel.c:138
msgid "Force removal of files not owned by the user"
msgstr "強制檔案的移除並非由使用者所擁有"
-#: src/tools/sss_userdel.c:139
+#: src/tools/sss_userdel.c:140
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:184
+#: src/tools/sss_userdel.c:185
msgid "Specify user to delete\n"
msgstr "指定要刪除的使用者\n"
-#: src/tools/sss_userdel.c:230
+#: src/tools/sss_userdel.c:231
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:255
+#: src/tools/sss_userdel.c:256
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:267
+#: src/tools/sss_userdel.c:268
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:272
+#: src/tools/sss_userdel.c:273
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:277
+#: src/tools/sss_userdel.c:278
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:284
+#: src/tools/sss_userdel.c:285
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:296
+#: src/tools/sss_userdel.c:305
msgid "Not removing home dir - not owned by user\n"
msgstr "不會移除家目錄 - 並非由使用者所擁有\n"
-#: src/tools/sss_userdel.c:298
+#: src/tools/sss_userdel.c:307
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:309
+#: src/tools/sss_userdel.c:320
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr "在本機網域內沒有這樣的使用者。只許可在本機網域內移除使用者。\n"
-#: src/tools/sss_userdel.c:314
+#: src/tools/sss_userdel.c:325
msgid "Internal error. Could not remove user.\n"
msgstr "內部錯誤。無法移除使用者。\n"
@@ -1550,96 +1568,96 @@ msgid ""
"domain\n"
msgstr "在本機網域內找不到使用者,只許可在本機網域內修改使用者\n"
-#: src/tools/sss_usermod.c:260
+#: src/tools/sss_usermod.c:281
msgid "Could not modify user - check if group names are correct\n"
msgstr "無法修改使用者 - 請檢查群組名稱是否正確\n"
-#: src/tools/sss_usermod.c:264
+#: src/tools/sss_usermod.c:285
msgid "Could not modify user - user already member of groups?\n"
msgstr "無法修改使用者 - 使用者是否已經是群組的成員?\n"
-#: src/tools/sss_usermod.c:268
+#: src/tools/sss_usermod.c:289
msgid "Transaction error. Could not modify user.\n"
msgstr "處理事項發生錯誤。無法修改使用者。\n"
-#: src/tools/sss_cache.c:142
+#: src/tools/sss_cache.c:144
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:201
+#: src/tools/sss_cache.c:325
#, c-format
-msgid "No such %1$s named %2$s, skipping\n"
+msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:204
+#: src/tools/sss_cache.c:328
#, c-format
-msgid "No objects of type %1$s in the cache, skipping\n"
+msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
msgstr ""
-#: src/tools/sss_cache.c:216
+#: src/tools/sss_cache.c:340
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:223
+#: src/tools/sss_cache.c:347
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:352
+#: src/tools/sss_cache.c:470
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:354
+#: src/tools/sss_cache.c:472
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:356
+#: src/tools/sss_cache.c:474
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:358
+#: src/tools/sss_cache.c:476
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:360
+#: src/tools/sss_cache.c:478
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:362
+#: src/tools/sss_cache.c:480
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:364
+#: src/tools/sss_cache.c:482
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:366
+#: src/tools/sss_cache.c:484
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:369
+#: src/tools/sss_cache.c:487
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:371
+#: src/tools/sss_cache.c:489
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:374
+#: src/tools/sss_cache.c:492
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:413
+#: src/tools/sss_cache.c:534
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:604
#, c-format
msgid "Could not open domain %1$s\n"
msgstr ""
-#: src/tools/sss_cache.c:486
+#: src/tools/sss_cache.c:606
msgid "Could not open available domains\n"
msgstr ""
@@ -1651,7 +1669,16 @@ msgstr ""
msgid "Specify debug level you want to set\n"
msgstr ""
-#: src/tools/tools_util.c:280
+#: src/tools/sss_debuglevel.c:102
+msgid "Only one argument expected\n"
+msgstr ""
+
+#: src/tools/tools_util.c:200
+#, c-format
+msgid "Name '%1$s' does not seem to be FQDN ('%2$s = TRUE' is set)\n"
+msgstr ""
+
+#: src/tools/tools_util.c:303
msgid "Out of memory\n"
msgstr "記憶體耗盡\n"
@@ -1660,6 +1687,6 @@ msgstr "記憶體耗盡\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:96
+#: src/util/util.h:93
msgid "Send the debug output to files instead of stderr"
msgstr "傳送除錯輸出到檔案而不是標準輸出"
diff --git a/src/man/po/br.po b/src/man/po/br.po
index 5136bebdc..80137f3c6 100644
--- a/src/man/po/br.po
+++ b/src/man/po/br.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: 2012-10-05 17:53+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Breton (http://www.transifex.com/projects/p/fedora/language/"
@@ -139,7 +139,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr "Ar restr gefluniañ evit SSSD"
@@ -206,7 +206,7 @@ msgid "The [sssd] section"
msgstr "Ar rann [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr "Arventennoù ar rann"
@@ -243,19 +243,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "Dre ziouer : 3"
@@ -274,7 +274,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr "re_expression (neudennad)"
@@ -294,7 +294,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (neudennad)"
@@ -377,32 +377,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -412,15 +391,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -438,12 +417,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr "RANNOÙ SERVIJOÙ"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -452,80 +431,81 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr "Dre ziouer : true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -535,23 +515,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -630,8 +631,8 @@ msgid ""
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr "Dre ziouer : 15"
@@ -710,13 +711,23 @@ msgstr ""
msgid "fully qualified user name (user@domain)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr ""
@@ -729,12 +740,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -742,231 +753,232 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -974,59 +986,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr "Dre zoiuer : 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1034,7 +1046,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1043,17 +1055,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1061,115 +1073,115 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr "Dre ziouer : 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1181,7 +1193,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1192,24 +1204,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1217,12 +1229,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1231,24 +1243,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr "RANNOÙ DOMANI"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1257,56 +1269,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1314,123 +1329,130 @@ msgid ""
"to the man pages for the specific id_provider in use."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1439,17 +1461,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1458,33 +1480,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1492,8 +1514,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1502,8 +1524,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1511,19 +1533,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1532,19 +1554,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1552,7 +1592,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1560,30 +1600,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1591,19 +1631,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1612,24 +1652,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1637,7 +1677,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1645,35 +1685,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1681,22 +1721,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1704,7 +1745,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1712,31 +1753,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1744,28 +1785,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1773,7 +1809,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1781,24 +1817,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1806,19 +1842,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1827,29 +1863,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1857,7 +1893,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1865,14 +1901,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -1880,59 +1916,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1940,56 +1976,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1998,30 +2034,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2029,29 +2065,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2059,19 +2095,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2079,73 +2115,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2153,17 +2189,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2172,17 +2208,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2190,17 +2226,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2208,18 +2244,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2249,7 +2285,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2290,7 +2326,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr ""
@@ -3022,8 +3058,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr ""
@@ -3038,7 +3074,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr ""
@@ -3226,7 +3262,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3426,6 +3462,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
@@ -3486,7 +3523,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -3759,53 +3796,75 @@ msgstr ""
#: sssd-ldap.5.xml:1418
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+#, fuzzy
+#| msgid "full_name_format (string)"
+msgid "ldap_sasl_realm (string)"
+msgstr "full_name_format (neudennad)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3813,27 +3872,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3845,7 +3904,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3853,7 +3912,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3861,53 +3920,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3915,32 +3974,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3949,56 +4013,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4009,12 +4073,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4023,14 +4087,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4039,24 +4103,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4064,19 +4128,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4085,7 +4149,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4093,7 +4157,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4102,94 +4166,125 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4201,213 +4296,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4415,106 +4510,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4523,76 +4618,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4601,46 +4696,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4648,43 +4743,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4692,7 +4787,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4700,7 +4795,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
+#: sssd-ldap.5.xml:2316
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4710,23 +4805,23 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5029,7 +5124,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5040,12 +5135,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5053,7 +5156,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5105,25 +5208,33 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5133,87 +5244,107 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 120"
+msgid "Default: 1200 (seconds)"
+msgstr "Dre ziouer : 120"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5221,86 +5352,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5308,12 +5439,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5321,17 +5452,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5340,313 +5484,345 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5654,7 +5830,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5792,7 +5968,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5800,7 +5976,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5814,11 +5990,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -5992,7 +6190,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -7694,7 +7892,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8143,7 +8341,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
diff --git a/src/man/po/ca.po b/src/man/po/ca.po
index 7c9ffd89a..25b1b6b09 100644
--- a/src/man/po/ca.po
+++ b/src/man/po/ca.po
@@ -3,14 +3,15 @@
# This file is distributed under the same license as the sssd-docs package.
#
# Translators:
+# <jmas@softcatala.org>, 2012.
# <muzzol@gmail.com>, 2012.
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
-"PO-Revision-Date: 2012-10-08 11:08+0000\n"
-"Last-Translator: muzzol <muzzol@gmail.com>\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
+"PO-Revision-Date: 2012-12-27 18:09+0000\n"
+"Last-Translator: jordimash <jmas@softcatala.org>\n"
"Language-Team: Catalan <fedora@llistes.softcatala.org>\n"
"Language: ca\n"
"MIME-Version: 1.0\n"
@@ -146,7 +147,7 @@ msgstr "Formats de fitxer i convencions"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr "l'arxiu de configuració per a SSSD"
@@ -228,7 +229,7 @@ msgid "The [sssd] section"
msgstr "La secció [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr "Paràmetres de la secció"
@@ -269,12 +270,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -283,7 +284,7 @@ msgstr ""
"caiguda del Proveïdor de Dades o reiniciar abans de donar-se per vençuts"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "Per defecte: 3"
@@ -306,7 +307,7 @@ msgstr ""
"que es va preguntar la llista de dominis."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr "re_expression (cadena)"
@@ -326,7 +327,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (cadena)"
@@ -422,32 +423,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr "Per defecte: 60"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -457,15 +437,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -489,12 +469,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr "SECCIONS DE SERVEIS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -507,80 +487,81 @@ msgstr ""
"quote>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr "Opcions de configuració del servei general"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr "Aquestes opcions es poden utilitzar per a configurar qualsevol servei."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr "debug_level (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr "Afegir una marca de temps als missatges de depuració"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr "Per defecte: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr "Per defecte: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr "timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr "Per defecte: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -590,23 +571,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr "Per defecte: 60"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -706,8 +708,8 @@ msgstr ""
"la base de dades, com les inexistents) abans de preguntar al rerefons una "
"altra vegada."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr "Per defecte: 15"
@@ -788,13 +790,23 @@ msgstr ""
msgid "fully qualified user name (user@domain)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr ""
@@ -807,12 +819,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -820,183 +832,184 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Per defecte: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr "Opcions de configuració de PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1005,12 +1018,12 @@ msgstr ""
"Authentication Module (PAM)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1020,17 +1033,17 @@ msgstr ""
"de sessió)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr "Per defecte: 0 (sense límit)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1039,12 +1052,12 @@ msgstr ""
"fallits es permet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1054,7 +1067,7 @@ msgstr ""
"possible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1062,17 +1075,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr "Per defecte: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1081,43 +1094,43 @@ msgstr ""
"autenticació. Com més gran sigui el nombre més missatges es mostren."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr "L'Sssd suporta actualment els següents valors:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: no mostris cap missatge"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: Mostra només missatges importants"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: Mostra missatges informatius"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr "Per defecte: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1129,7 +1142,7 @@ msgstr ""
"l'última informació."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1143,17 +1156,17 @@ msgstr ""
"proveïdor d'identitat."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1161,115 +1174,115 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr "Per defecte: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1281,7 +1294,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1292,24 +1305,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1317,12 +1330,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1331,17 +1344,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr "SECCIONS DE DOMINI"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr "min_id, max_id (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1350,7 +1363,7 @@ msgstr ""
"fora d'aquests límits, s'ignora."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1363,17 +1376,17 @@ msgstr ""
"com s'esperava."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr "enumerate (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1382,28 +1395,38 @@ msgstr ""
"valors següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = Els usuaris i grups s'enumeren"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = Cap enumeració per a aquest domini"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr "Per defecte: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
+#, fuzzy
+#| msgid ""
+#| "Note: Enabling enumeration has a moderate performance impact on SSSD "
+#| "while enumeration is running. It may take up to several minutes after "
+#| "SSSD startup to fully complete enumerations. During this time, "
+#| "individual requests for information will go directly to LDAP, though it "
+#| "may be slow, due to the heavy enumeration processing."
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
"Nota: Permetre l'enumeració té un impacte moderat en el rendiment de l'SSSD "
"mentre s'està executant l'enumeració. Pot prendre fins a uns quants minuts "
@@ -1413,7 +1436,7 @@ msgstr ""
"d'enumeració."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1423,7 +1446,7 @@ msgstr ""
"finalitzi."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1436,13 +1459,20 @@ msgstr ""
"a més informació, aneu a les pàgines de manual de l'id_provider específic en "
"ús."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1451,112 +1481,112 @@ msgstr ""
"demanar al rerefons una altra vegada"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr "Per defecte: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Determina si les credencials d'usuari també són emmagatzemades en la memòria "
"cau local de LDB"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1569,17 +1599,17 @@ msgstr ""
"ha de ser superior o igual a offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr "Per defecte: 0 (sense límit)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1588,33 +1618,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr "id_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+#, fuzzy
+#| msgid "proxy: Support a legacy NSS provider"
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "proxy: donar suport a un proveïdor NSS antic"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1622,8 +1654,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1632,8 +1664,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1641,19 +1673,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1666,12 +1698,32 @@ msgstr ""
"trobaria l'usuari mentre que <command>getent passwd test@LOCAL</command> si."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+#, fuzzy
+#| msgid "ldap_netgroup_member (string)"
+msgid "ignore_group_members (bool)"
+msgstr "ldap_netgroup_member (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr "auth_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1680,7 +1732,7 @@ msgstr ""
"d'autenticació suportats són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1691,7 +1743,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configuració d'LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1702,7 +1754,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
@@ -1710,12 +1762,12 @@ msgstr ""
"de PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> impossibilita l'autenticació explícitament."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1724,12 +1776,12 @@ msgstr ""
"gestionar les sol·licituds d'autenticació."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr "access_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1740,19 +1792,19 @@ msgstr ""
"instal·lats) Els proveïdors especials interns són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> sempre denega l'accés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1765,17 +1817,17 @@ msgstr ""
"configuració del mòdul d'accés simple."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr "Per defecte: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr "chpass_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1784,7 +1836,7 @@ msgstr ""
"al domini. Els proveïdors de canvi de contrasenya compatibles són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1796,7 +1848,7 @@ msgstr ""
"configuració d'LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1807,7 +1859,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -1815,12 +1867,12 @@ msgstr ""
"objectiu de PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1829,17 +1881,17 @@ msgstr ""
"gestionar peticions de canvi de contrasenya."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1847,22 +1899,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1870,7 +1923,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1878,31 +1931,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
+#, fuzzy
+#| msgid ""
+#| "The provider which should handle change password operations for the "
+#| "domain. Supported change password providers are:"
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
+"El proveïdor que hauria de gestionar les operacions de canvi contrasenya per "
+"al domini. Els proveïdors de canvi de contrasenya compatibles són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1910,28 +1969,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr "Per defecte: none"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1939,7 +1993,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1947,24 +2001,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1972,19 +2026,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1993,29 +2047,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2026,7 +2080,7 @@ msgstr ""
"quote> , el domini tot el que ve després\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2034,7 +2088,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2043,7 +2097,7 @@ msgstr ""
"sintaxi Python (?P &lt;name&gt;) a l'etiqueta subpatterns."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -2051,17 +2105,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Per defecte: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2070,42 +2124,42 @@ msgstr ""
"realitzar cerques de DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr "Valors admesos:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr "Per defecte: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2116,12 +2170,12 @@ msgstr ""
"aquest temps d'espera, el domini seguirà operant en el mode fora de línia."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2130,44 +2184,44 @@ msgstr ""
"del domini de la consulta DNS del servei de descobriment."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr "Per defecte: Utilitza la part del domini del nom de màquina"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2176,30 +2230,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2210,17 +2264,17 @@ msgstr ""
"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr "El servidor intermediari on re-envia PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2229,12 +2283,12 @@ msgstr ""
"de pam existent o crear-ne una de nova i afegir aquí el nom del servei."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2245,7 +2299,7 @@ msgstr ""
"$(libName)_$(function), per exemple _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2254,12 +2308,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr "La secció de domini local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2270,29 +2324,29 @@ msgstr ""
"<replaceable>id_provider = local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr "default_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"L'intèrpret d'ordres per defecte per als usuaris creats amb eines SSSD "
"d'espai d'usuari."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Per defecte: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr "base_directory (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2301,46 +2355,46 @@ msgstr ""
"replaceable> i utilitzen això com el directori d'usuari."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr "Per defecte: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr "create_homedir (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr "Per defecte: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr "remove_homedir (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr "homedir_umask (enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2351,17 +2405,17 @@ msgstr ""
"defecte en un directori personal acabat de crear."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr "Per defecte: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr "skel_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2374,17 +2428,17 @@ msgstr ""
"manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Per defecte: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr "mail_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2395,17 +2449,17 @@ msgstr ""
"s'especifica, s'utilitzarà un valor per defecte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr "Per defecte: <filename>/var/correu</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2416,18 +2470,18 @@ msgstr ""
"té en compte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr "Per defecte: Cap, no s'executa cap comanda"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr "EXEMPLE"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2482,7 +2536,7 @@ msgstr ""
"\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2540,7 +2594,7 @@ msgstr ""
"informació sobre l'ús d'LDAP com un proveïdor d'accés."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr "OPCIONS DE CONFIGURACIÓ"
@@ -2764,7 +2818,7 @@ msgstr "Els dos mecanismes suportats actualment són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:229
msgid "password"
-msgstr "password"
+msgstr "contrasenya"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:232
@@ -3323,8 +3377,8 @@ msgstr "L'atribut LDAP que correspon al nom complet de l'usuari."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr "Per defecte: cn"
@@ -3339,7 +3393,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr "L'atribut LDAP que llista la pertanença a grups de l'usuari."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr "Per defecte: memberOf"
@@ -3535,7 +3589,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3736,6 +3790,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Per defecte: 6"
@@ -3805,7 +3860,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -4104,60 +4159,87 @@ msgstr "ldap_sasl_authid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1418
+#, fuzzy
+#| msgid ""
+#| "Specify the SASL authorization id to use. When GSSAPI is used, this "
+#| "represents the Kerberos principal used for authentication to the "
+#| "directory."
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
"Especifica l'identificador d'autorització SASL a utilitzar. Quan s'utilitza "
"GSSAPI, això representa el principal Kerberos usat per autenticar al "
"directori."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+#, fuzzy
+#| msgid "ldap_sasl_mech (string)"
+msgid "ldap_sasl_realm (string)"
+msgstr "ldap_sasl_mech (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "Especifica el fitxer keytab a utilitzar quan s'utilitza SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5."
"keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4168,27 +4250,27 @@ msgstr ""
"seleccionat és GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "Especifica el temps de vida en segons de la TGT si s'utilitza GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr "Per defecte: 86400 (24 hores)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4200,7 +4282,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4211,7 +4293,7 @@ msgstr ""
"retorna a _tcp si no se'n troba cap."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4223,41 +4305,41 @@ msgstr ""
"<quote>krb5_server</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "Especifica l'àmbit KERBEROS (per a autenticació SASL/GSSAPI)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/"
"krb5.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4266,7 +4348,7 @@ msgstr ""
"costat del client. S'admeten els valors següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4275,7 +4357,7 @@ msgstr ""
"opció no inhabilita les polítiques de contrasenya de servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -4283,7 +4365,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -4294,19 +4376,24 @@ msgstr ""
"chpass_provider=krb5 per actualitzar aquests atributs quan es canvia la "
"contrasenya."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr "Per defecte: none"
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
"Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -4315,7 +4402,7 @@ msgstr ""
"quan és compilat amb la versió d'OpenLDAP 2.4.13 o superior."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4324,29 +4411,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Especifica el nom de servei per utilitzar quan està habilitada la detecció "
"de serveis."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr "Per defecte: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4355,30 +4442,30 @@ msgstr ""
"permet canvis de contrasenya quan està habilitada la detecció de serveis."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
"Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4389,12 +4476,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr "Exemple:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4406,7 +4493,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -4415,7 +4502,7 @@ msgstr ""
"membres del grup d'ldap \"allowedusers\"."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4428,17 +4515,17 @@ msgstr ""
"concedint accés en estar fora de línia i viceversa."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr "Per defecte: Buit"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4447,7 +4534,7 @@ msgstr ""
"d'atributs de control d'accés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4459,12 +4546,12 @@ msgstr ""
"contrasenya és correcta."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr "S'admeten els valors següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -4473,7 +4560,7 @@ msgstr ""
"determinar si el compte ha caducat."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4482,7 +4569,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4490,7 +4577,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4499,29 +4586,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"Llista separada per comes d'opcions de control d'accés. Els valors permesos "
"són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -4530,17 +4617,17 @@ msgstr ""
"authorizedService per determinar l'accés"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr "Per defecte: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -4549,12 +4636,12 @@ msgstr ""
"s'utilitza més d'una vegada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr "ldap_deref (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -4563,13 +4650,13 @@ msgstr ""
"cerca. S'admeten les opcions següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: les referències dels àlies mai són eliminades."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -4579,7 +4666,7 @@ msgstr ""
"de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -4588,7 +4675,7 @@ msgstr ""
"només en localitzar l'objecte base de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -4597,7 +4684,7 @@ msgstr ""
"en la recerca i en la localització de l'objecte base de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -4605,6 +4692,39 @@ msgstr ""
"Per defecte: Buit (això es tractarà com <emphasis>never</emphasis> per les "
"llibreries client d'LDAP)"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+#, fuzzy
+#| msgid "ldap_krb5_init_creds (boolean)"
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr "ldap_krb5_init_creds (booleà)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4622,213 +4742,213 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4836,106 +4956,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4944,76 +5064,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5022,46 +5142,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr "OPCIONS AVANÇADES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5069,43 +5189,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5116,7 +5236,7 @@ msgstr ""
"sabeu el que estau fent. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5127,8 +5247,17 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
-#, no-wrap
+#: sssd-ldap.5.xml:2316
+#, fuzzy, no-wrap
+#| msgid ""
+#| " [domain/LDAP]\n"
+#| " id_provider = ldap\n"
+#| " auth_provider = ldap\n"
+#| " ldap_uri = ldap://ldap.mydomain.org\n"
+#| " ldap_search_base = dc=mydomain,dc=org\n"
+#| " ldap_tls_reqcert = demand\n"
+#| " cache_credentials = true\n"
+#| " enumerate = true\n"
msgid ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -5137,7 +5266,6 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -5149,19 +5277,20 @@ msgstr ""
" enumerate = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5424,7 +5553,7 @@ msgstr ""
"control d'accés per <citerefentry><refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum></citerefentry>. Per una referència detallada de la "
"sintaxi, aneu a la secció de <quote>FORMAT DE FITXER</quote> de la pàgina "
-"del manual de <citerefentry><refentrytitle>sssd.conf</refentrytitle> "
+"del manual <citerefentry>de <refentrytitle>sssd.conf</refentrytitle> "
"<manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
@@ -5522,7 +5651,7 @@ msgstr ""
"locals."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5530,13 +5659,21 @@ msgid ""
"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
"Consulteu la secció <quote>SECCIONS DE DOMINI</quote> de la pàgina del "
-"manual d' <citerefentry><refentrytitle>sssd.conf</refentrytitle> "
+"manual <citerefentry>d' <refentrytitle>sssd.conf</refentrytitle> "
"<manvolnum>5</manvolnum></citerefentry> per a més informació sobre la "
"configuració d'un domini SSSD. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
@@ -5544,7 +5681,7 @@ msgstr ""
"defineixen alhora simple_allow_users i simple_deny_users."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5556,7 +5693,7 @@ msgstr ""
"específiques del proveïdor."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5622,13 +5759,21 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr "ipa_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
@@ -5637,12 +5782,12 @@ msgstr ""
"s'utilitza el nom de domini de la configuració."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5652,12 +5797,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr "ipa_hostname (cadeba)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
@@ -5666,12 +5811,12 @@ msgstr ""
"complet utilitzat en el domini d'IPA per identificar aquest amfitrió."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr "ipa_dyndns_update (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
@@ -5680,19 +5825,41 @@ msgstr ""
"servidor DNS integrat dins FreeIPA v2 amb l'adreça d'IP d'aquest client."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+#, fuzzy
+#| msgid "pam_id_timeout (integer)"
+msgid "ipa_dyndns_ttl (integer)"
+msgstr "pam_id_timeout (Enter)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 10800 (12 hours)"
+msgid "Default: 1200 (seconds)"
+msgstr "Per defecte: 10800 (12 hores)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr "ipa_dyndns_iface (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
@@ -5702,44 +5869,44 @@ msgstr ""
"de DNS dinàmiques."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "Per defecte: Utilitzar l'adreça IP de la connexió LDAP d'IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5747,58 +5914,58 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
@@ -5807,7 +5974,7 @@ msgstr ""
"suplantada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -5816,21 +5983,21 @@ msgstr ""
"proveïdor Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5838,12 +6005,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5851,17 +6018,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+#, fuzzy
+#| msgid "pam_verbosity (integer)"
+msgid "ipa_hbac_selinux (integer)"
+msgstr "pam_verbosity (Enter)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5870,313 +6052,345 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6188,7 +6402,7 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -6330,7 +6544,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6338,7 +6552,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6352,11 +6566,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -6530,7 +6766,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -8353,7 +8589,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8802,7 +9038,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
diff --git a/src/man/po/cs.po b/src/man/po/cs.po
index cbc3dc3de..ae7656034 100644
--- a/src/man/po/cs.po
+++ b/src/man/po/cs.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: 2012-05-22 13:44+0000\n"
"Last-Translator: sgallagh <sgallagh@redhat.com>\n"
"Language-Team: Czech (http://www.transifex.com/projects/p/fedora/language/"
@@ -134,7 +134,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr ""
@@ -201,7 +201,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr ""
@@ -238,19 +238,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr ""
@@ -269,7 +269,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr ""
@@ -289,7 +289,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
@@ -372,32 +372,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -407,15 +386,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -433,12 +412,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -447,80 +426,81 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -530,23 +510,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -625,8 +626,8 @@ msgid ""
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr ""
@@ -705,13 +706,23 @@ msgstr ""
msgid "fully qualified user name (user@domain)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr ""
@@ -724,12 +735,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -737,231 +748,232 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -969,59 +981,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1029,7 +1041,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1038,17 +1050,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1056,115 +1068,115 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1176,7 +1188,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1187,24 +1199,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1212,12 +1224,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1226,24 +1238,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1252,56 +1264,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1309,123 +1324,130 @@ msgid ""
"to the man pages for the specific id_provider in use."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1434,17 +1456,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1453,33 +1475,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1487,8 +1509,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1497,8 +1519,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1506,19 +1528,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1527,19 +1549,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1547,7 +1587,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1555,30 +1595,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1586,19 +1626,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1607,24 +1647,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1632,7 +1672,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1640,35 +1680,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1676,22 +1716,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1699,7 +1740,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1707,31 +1748,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1739,28 +1780,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1768,7 +1804,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1776,24 +1812,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1801,19 +1837,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1822,29 +1858,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1852,7 +1888,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1860,14 +1896,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -1875,59 +1911,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1935,56 +1971,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1993,30 +2029,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2024,29 +2060,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2054,19 +2090,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2074,73 +2110,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2148,17 +2184,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2167,17 +2203,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2185,17 +2221,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2203,18 +2239,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2244,7 +2280,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2285,7 +2321,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr ""
@@ -3017,8 +3053,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr ""
@@ -3033,7 +3069,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr ""
@@ -3221,7 +3257,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3421,6 +3457,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
@@ -3481,7 +3518,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -3754,53 +3791,73 @@ msgstr ""
#: sssd-ldap.5.xml:1418
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+msgid "ldap_sasl_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3808,27 +3865,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3840,7 +3897,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3848,7 +3905,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3856,53 +3913,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3910,32 +3967,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3944,56 +4006,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4004,12 +4066,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4018,14 +4080,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4034,24 +4096,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4059,19 +4121,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4080,7 +4142,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4088,7 +4150,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4097,94 +4159,125 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4196,213 +4289,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4410,106 +4503,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4518,76 +4611,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4596,46 +4689,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4643,43 +4736,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4687,7 +4780,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4695,7 +4788,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
+#: sssd-ldap.5.xml:2316
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4705,23 +4798,23 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5026,7 +5119,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5037,12 +5130,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5050,7 +5151,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5102,25 +5203,33 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5130,87 +5239,105 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+msgid "Default: 1200 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5218,86 +5345,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5305,12 +5432,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5318,17 +5445,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5337,313 +5477,345 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5651,7 +5823,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5789,7 +5961,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5797,7 +5969,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5811,11 +5983,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -5989,7 +6183,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -7708,7 +7902,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8159,7 +8353,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
diff --git a/src/man/po/es.po b/src/man/po/es.po
index 7492a0408..6ebf80b4e 100644
--- a/src/man/po/es.po
+++ b/src/man/po/es.po
@@ -4,16 +4,19 @@
#
# Translators:
# Adolfo Jayme Barrientos <fitoschido@gmail.com>, 2012.
+# <carlosantolin@hotmail.es>, 2012.
# Eduardo Villagrán <evillagr@fedoraproject.org>, 2011.
# Eduardo Villagrán M <gotencool@gmail.com>, 2011.
+# <ehespinosa@ya.com>, 2013.
+# <ehespinosa@ya.com>, 2013.
# Héctor Daniel Cabrera <logan@fedoraproject.org>, 2011.
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
-"PO-Revision-Date: 2012-10-05 17:53+0000\n"
-"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
+"PO-Revision-Date: 2013-01-26 15:25+0000\n"
+"Last-Translator: vareli <ehespinosa@ya.com>\n"
"Language-Team: Spanish <trans-es@lists.fedoraproject.org>\n"
"Language: es\n"
"MIME-Version: 1.0\n"
@@ -150,7 +153,7 @@ msgstr "Formatos de archivo y convenciones"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr "El archivo de configuración de SSSD"
@@ -202,6 +205,8 @@ msgid ""
"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
"(<quote>;</quote>). Inline comments are not supported."
msgstr ""
+"Una línea de comentario comienza con una almohadilla (<quote>#</quote>) o un "
+"punto y coma (<quote>;</quote>). No se soportan los comentarios en línea."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:47
@@ -234,7 +239,7 @@ msgid "The [sssd] section"
msgstr "La sección [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr "Parámetros de sección"
@@ -273,14 +278,18 @@ msgid ""
"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</"
"phrase>"
msgstr ""
+"Servicios soportados: nss, pam <phrase condition=\"with_sudo\">, sudo</"
+"phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase "
+"condition=\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder"
+"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -289,7 +298,7 @@ msgstr ""
"de datos del proveedor, o de reiniciarse antes de abandonar"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "Predeterminado: 3"
@@ -313,7 +322,7 @@ msgstr ""
"consultados."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr "re_expression (cadena)"
@@ -323,6 +332,8 @@ msgid ""
"Default regular expression that describes how to parse the string containing "
"user name and domain into these components."
msgstr ""
+"Expresión regular por defecto que describe como analizar la cadena que "
+"contiene el nombre de usuario y el dominio en estos componentes."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:132
@@ -331,9 +342,12 @@ msgid ""
"ID providers there are also default regular expressions. See DOMAIN "
"SECTIONS for more info on these regular expressions."
msgstr ""
+"Cada dominio puede tener una expresión regular individual configurada. Para "
+"algunos proveedores de ID hay también expresiones regulares por defecto. Vea "
+"DOMAIN SECTIONS para más información sobre estas expresiones regulares."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (cadena)"
@@ -344,6 +358,10 @@ msgid ""
"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
"how to translate a (name, domain) tuple into a fully qualified name."
msgstr ""
+"El formato compatible con <citerefentry> <refentrytitle>printf</"
+"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> por defecto que "
+"describe como traducir una tupla (nombre, dominio) a un nombre totalmente "
+"calificado."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:152
@@ -351,6 +369,8 @@ msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
+"Cada dominio puede tener una cadena de formato individual configurar. Vea "
+"SECCIONES DOMINIO para más información sobre esta opción."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:158
@@ -420,6 +440,9 @@ msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
+"Esta opción acepta un valor especial __LIBKRB5_DEFAULTS__ que instruirá a "
+"SSSD para dejar a libkrb5 decidir la localización apropiada del escondrijo "
+"de respuesta."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:199
@@ -427,35 +450,23 @@ msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
+"Por defecto: Distribución específica y especificado en la acumulación de "
+"tiempo. (si no se configura __LIBKRB5_DEFAULTS__)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr "Predeterminado: 60"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
-msgstr ""
+msgstr "default_domain_suffix (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
+#, fuzzy
+#| msgid ""
+#| "This string will be used as a default domain name for all names without a "
+#| "domain name component. The main use case are environments were the local "
+#| "domain is only managing hosts but no users and all users are coming from "
+#| "a trusted domain. The option allows those users to log in just with their "
+#| "user name without giving a domain name as well."
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -463,17 +474,30 @@ msgid ""
"trusted domain. The option allows those users to log in just with their "
"user name without giving a domain name as well."
msgstr ""
+"La cadena será usada como nombre de dominio por defecto para todos los "
+"nombres sin un componente de nombre de dominio. El principal caso de uso son "
+"entornos donde el dominio local sólo gestiona hosts pero no usuarios y todos "
+"los usuarios vienen de un dominio de confianza. La opción permite a aquellos "
+"usuarios acceder sólo con sus nombres de usuario sin tener que dar también "
+"un nombre de dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
+#, fuzzy
+#| msgid ""
+#| "Please note that if this option is set all users from the local domain "
+#| "have to use their fully qualified name, e.g. user@domain.name, to log in."
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
+"Por favor advierta que esta opción está fijada para que todos los usuarios "
+"del dominio local tengan usar su nombre totalmente cualificado, esto es "
+"user@domain.name, para acceder."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -489,14 +513,20 @@ msgid ""
"some other important options like the identity domains. <placeholder type="
"\"variablelist\" id=\"0\"/>"
msgstr ""
+"Trozos individuales de funcionalidad SSSD son suministrados por servicios "
+"especiales SSSD que se inician y parar junto a SSSD. Los servicios son "
+"gestionados por un servicio especial frecuentemente llamado <quote>monitor</"
+"quote>. La sección <quote>[sssd]</quote> se usa para configurar el monitor "
+"así como algunas otras opciones importantes como la identidad de dominios. "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr "SECCIONES DE SERVICIOS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -509,80 +539,83 @@ msgstr ""
"<quote>[nss]</quote>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr "Opciones de configuración de servicios generales"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr "Estas opciones pueden usarse para configurar cualquier servicio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr "debug_level (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr "Agregar una marca de tiempo a los mensajes de depuración"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr "Predeterminado: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr "Agregar microsegundos a la marca de tiempo en mensajes de depuración"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr "Predeterminado: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr "timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
+"Tiempo de espera en segundos entre latidos para este servicio. Esto se usa "
+"para asegurar que el proceso está vivo y capaz de responder peticiones."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr "Predeterminado: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
-msgstr ""
+msgstr "fd_limit"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -590,24 +623,59 @@ msgid ""
"systems without this capability, the resulting value will be the lower value "
"of this or the limits.conf \"hard\" limit."
msgstr ""
+"Esta opción especifica el número máximo de descriptores de ficheros que "
+"pueden ser abiertos a la vez por este proceso SSSD. Sobre sistemas donde "
+"SSSD ha alcanzado la capacidad CAP_SYS_RESOURCE, este será un ajuste "
+"absoluto. Sobre sistemas sin esta capacidad, el valor resultante será el "
+"valor más bajo de este o de limite “hard” en limits.conf."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
-msgstr ""
+msgstr "Por defecto: 8192 (o limite “hard” en limits.conf)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
-msgstr ""
+msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+"Esta opción especifica el número de segundos que un cliente de un proceso "
+"SSSD puede retener un desciptor de fichero sin comunicarlo. Este valor está "
+"limitado con el objetivo de evitar un agotamiento de los recursos del "
+"sistema."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr "Predeterminado: 60"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr "force_timeout (entero)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+"Si un servicio no está respondiendo a las comprobaciones ping (vea la opción "
+"<quote>timeout</quote>), primero enviará la señal SIGTERM que le instruye a "
+"salir amigablemente. Si el servicio no termina después de "
+"<quote>force_timeout</quote> segundos, el monitor le forzara a caer enviando "
+"una señal SIGKILL."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
@@ -633,6 +701,8 @@ msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
+"Cuantos segundos ocultaría enumeraciones nss_sss (peticiones de información "
+"sobre todos los usuarios)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:368
@@ -651,6 +721,9 @@ msgid ""
"if they are requested beyond a percentage of the entry_cache_timeout value "
"for the domain."
msgstr ""
+"La entrada a la cache puede ser fijada automáticamente para actualizar "
+"entradas en segundo plano si hay peticiones más allá de un porcentanje del "
+"valor de entry_cache_timeout para el dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:382
@@ -661,6 +734,12 @@ msgid ""
"but the SSSD will go and update the cache on its own, so that future "
"requests will not need to block waiting for a cache update."
msgstr ""
+"Por ejemplo, si entry_cache_timeout del dominio está fijado a 30 y "
+"entry_cache_nowait_percentage está fijado a 50 (por ciento), las entradas "
+"que vengan después de 15 segundos pasado el último cache serán devueltas "
+"inmediatamente, pero SSSD irá y actualizará el cache por el mismo, de modo "
+"que las futuras peticiones no necesitarán bloquearse a la espera de una "
+"actualización del cache."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:392
@@ -670,6 +749,10 @@ msgid ""
"percentage will never reduce the nowait timeout to less than 10 seconds. (0 "
"disables this feature)"
msgstr ""
+"Los valores válidos para esta opción son 0-99 y representan un porcentaje de "
+"entry_cache_timeout para cada dominio. Por razones de rendimiento, este "
+"porcentaje nunca reducirá el tiempo de salida de no espera a menos de 10 "
+"segundos. (0 deshabilita esta función)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:400
@@ -688,9 +771,12 @@ msgid ""
"(that is, queries for invalid database entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
+"Especifica por cuantos segundos nss_sss escondería golpes negativos al cache "
+"(esto es, consultas para entradas no válidas a la base de datos, como "
+"entradas no existentes) antes de preguntar al punto final otra vez."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr "Predeterminado: 15"
@@ -707,6 +793,10 @@ msgid ""
"domain or include fully-qualified names to filter only users from the "
"particular domain."
msgstr ""
+"Excluye ciertos usuarios de ser exagerados por la base de datos sss NSS. "
+"Esto es particularmente útil para cuentas de sistema. Esta opción puede ser "
+"también fijada por dominio o incluir nombres totalmente cualificados para "
+"filtrar sólo usuario de un dominio concreto."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:429
@@ -723,6 +813,8 @@ msgstr "filter_users_in_groups (bool)"
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
+"Si usted desea filtrar usuarios aunque sean miembros del grupo, fije esta "
+"opción a false."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:446 sssd-ad.5.xml:132
@@ -732,17 +824,17 @@ msgstr "override_homedir (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:455 sssd-ad.5.xml:141 sssd-krb5.5.xml:169
msgid "%u"
-msgstr ""
+msgstr "%u"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:456 sssd-ad.5.xml:142 sssd-krb5.5.xml:170
msgid "login name"
-msgstr ""
+msgstr "nombre de acceso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:459 sssd-ad.5.xml:145 sssd-krb5.5.xml:173
msgid "%U"
-msgstr ""
+msgstr "%U"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:460 sssd-ad.5.xml:146
@@ -767,17 +859,27 @@ msgstr "%f"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:468 sssd-ad.5.xml:154
msgid "fully qualified user name (user@domain)"
+msgstr "nombre totalmente cualificado del usuario (user@domain)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr "%%"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
-msgstr ""
+msgstr "un literal ‘%’"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:449 sssd-ad.5.xml:135
@@ -786,198 +888,235 @@ msgid ""
"or a template. In the template, the following sequences are substituted: "
"<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
+"Anula el directorio home del usuario. Usted puede suministras bien un valor "
+"absoluto o una plantilla. En la plantilla, serán sustituidas las siguientes "
+"secuencias: <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
-msgstr ""
+msgstr "Esta opción puede ser también fijada por dominio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
" "
msgstr ""
+"override_homedir = /home/%u\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
-msgstr ""
+msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
-msgstr ""
+msgstr "Por defecto: No fijado (SSSD usará el valor recuperado desde LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
-msgstr ""
+msgstr "fallback_homedir (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
+"Fija la plantilla por defecto para el direcorio home del usuario si no se ha "
+"especificado una explícitamente por el proveedor de datos del dominio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
+"Los valores disponibles para esta opción son los mismos que para "
+"override_homedir."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
+"Por defecto: no fijado (sin sustitución para los directorios home no fijados)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
-msgstr ""
+msgstr "override_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
+"Anula la shell de acceso de todos los usuarios. Esta opción puede ser "
+"especificada globalmente en la sección [nss] o por dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
-msgstr ""
+msgstr "Por defecto: no fijado (SSSD usará el valor recuperado desde LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr "allowed_shells (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
+"Restringe la shell de usuario a uno de los valores listados. El orden de "
+"evaluación es:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
-msgstr ""
+msgstr "1. Si el shell está presente en <quote>/etc/shells</quote>, se usa."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
+"2. Si el shell está en la lista allowed_shells pero no en <quote>/etc/"
+"shells</quote>, usa el valor del parámetro shell_fallback."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
+"3. Si el shell no está en la lista allowed_shells y tampoco en <quote>/etc/"
+"shells</quote>, se usará un shell de no acceso."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
-msgstr ""
+msgstr "Una cadena vacía para el shell se pasa como-es a libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
+"<quote>/etc/shells</quote> es de sólo lectura en el inicio SSSD, lo que "
+"significa que se requiere el reinicio del SSSD en el caso de que se instale "
+"una nueva shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
-msgstr ""
+msgstr "Por defecto: No fijado. La shell del usuario se usa automáticamente."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
-msgstr ""
+msgstr "Reemplaza cualquier instancia de estos shells con shell_fallback"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr "shell_fallback (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
+"La shell por defecto a usar si una shell permitida no está instalada en la "
+"máquina."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr "Predeterminado: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
-msgstr ""
+msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
+#, fuzzy
+#| msgid ""
+#| "The default shell to use if the provider does not return one during "
+#| "lookup. This option supersedes any other shell options if it takes effect."
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
+"La shell por defecto a usar si el proveedor no devuelve una durante la "
+"búsqueda. Esta opción supera cualquier otra opción de shell si tiene efecto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
+"Por defecto: no fijado (Devuelve NULL si no se ha especificado una shell y "
+"confía en libc para sustituir algo sensible cuando sea necesario, "
+"normalmente /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
-msgstr ""
+msgstr "get_domains_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
+"Especifica el tiempo en segundos por los cuales la lista de subdominios será "
+"considerada válida."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
-msgstr ""
+msgstr "memcache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
+"Especifica el tiempo en segundos durante el cual los archivos en el "
+"escondrijo en memoria serán válidos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Predeterminado: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr "Opciones de configuración PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -986,253 +1125,291 @@ msgstr ""
"Authentication Module (PAM)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
+"Si la autenticación del proveedor es fuera de línea, cuanto permitiríamos "
+"los accesos escondidos (en días desde el último login en línea con éxito)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr "Predeterminado: 0 (Sin límite)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
+"Si la autenticación del proveedor es fuera de línea, cuantos intentos de "
+"login fallados están permitidos."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
+"El tiempo en minutos que ha de pasar después de que "
+"offline_failed_login_attempts ha sido alcanzado antes de que un nuevo "
+"intento de login sea posible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
"authentication can enable offline authentication again."
msgstr ""
+"Si se fija en 0 el usuario no puede autenticarse fuerta de línea si se ha "
+"alcanzado offline_failed_login_attempts. Sólo una autenticación en línea con "
+"éxito puede habilitar otra vez la autenticación fuera de línea."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr "Predeterminado: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
+"Controla qué tipo de mensajes se muestra al usuario durante la "
+"autenticación. Cuanto mayor sea el número de mensajes más aparecen."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr "Actualmente sssd soporta los siguientes valores:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: mostrar todos los mensajes e información de "
"depuración"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr "Predeterminado: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
"ensure that authentication takes place with the latest information."
msgstr ""
+"Para cualquier petición PAM mientras SSSD está en línea, SSSD intentará "
+"inmediatamente actualizar la información de identidad escondida por el "
+"usuario con el objetivo de asegurar que la autenticación tiene lugar con la "
+"información más actual."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
"client-application basis) how long (in seconds) we can cache the identity "
"information to avoid excessive round-trips to the identity provider."
msgstr ""
+"Una conversación PAM completa puede llevar a cabo múltiples peticiones PAM, "
+"como gestión de cuenta y apertura de sesión. Esta opción controla (sobre una "
+"base de por cliente-aplicación) cuanto (en segundos) podemos esconder la "
+"información de identidad para evitar excesivos viajes de ida y vuelata al "
+"proveedor de identidad."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr "Mostrar una advertencia N días antes que la contraseña caduque."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
"cannot display a warning."
msgstr ""
+"Por favor advierta que el servidor de punto final tiene que suministrar "
+"información sobre el tiempo de expiración de la contraseña. Si esta "
+"información desaparece, sssd no podrá mostrar un aviso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
+"Si está fijado cero, no se aplicará el filtro, esto es si se recibe una "
+"advertencia de expiración desde el servidor final, se mostrará "
+"automáticamente."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
+"Este ajuste puede ser anulado por el ajuste "
+"<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr "Predeterminado: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
-msgstr ""
+msgstr "SUDO opciones de configuración"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
-msgstr ""
+msgstr "Estas opciones pueden ser usadas para configurar el servicio sudo."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
-msgstr ""
+msgstr "sudo_timed (booleano)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
+"Si se evalúan o no los atributos sudoNotBefore y sudoNotAfter que implementa "
+"entradas de sudoers dependientes del tiempo."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
-msgstr ""
+msgstr "Opciones de configuración AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
-msgstr ""
+msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
-msgstr ""
+msgstr "autofs_negative_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
+"Especifica cuantos segundos debería el respondedor negativo autofs esconder "
+"golpes (esto es, consultas a entradas de mapa no válidad, como las no "
+"existentes) antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
-msgstr ""
+msgstr "Opciones de configuración SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
-msgstr ""
+msgstr "Estas opciones se pueden usar para configurar el servicio SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
-msgstr ""
+msgstr "ssh_hash_known_hosts (booleano)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
+"Si se pican o no los nombres y las direcciones de host en fichero gestionado "
+"known_host. "
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr "ssh_known_hosts_timeout (entero)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+"Cuantos segundos se mantiene un host en el fichero known_hosts gestionados "
+"después de que se hayan pedido sus claves de host."
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr "Por defecto: 180"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
-msgstr ""
+msgstr "Opciones de configuración del respondedor PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1242,9 +1419,16 @@ msgid ""
"If the PAC is decoded and evaluated some of the following operations are "
"done:"
msgstr ""
+"El respondedor PAC trabaja junto el plugin de datos de autorización para MIT "
+"Kerberos sssd_pac_plugin.so y un proveedor de subdominio. El plugin envía el "
+"dato PAC durante una autenticación GSSAPI al respondedor PAC. El proveedor "
+"de subdominio recoge los rangos SID e ID del dominio a los que se une el "
+"cliente y de los dominio remotos de confianza desde el controlador de "
+"dominio local. Si el PAC es descodificado y evaluado se hacen alguna de las "
+"siguientes operaciones:"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1253,58 +1437,74 @@ msgid ""
"system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
+"Si el usuario remoto no existe en el escondrijo, se crea. La uid se calcula "
+"en base al SID, los dominios de confianza tendrán UPGs y el gid tendrá el "
+"mismo valor que el uid. El directorio home se fija en base al parámetro "
+"subdomain_homedir. La shell estará vacía por defecto, esto es se usará la "
+"del sistema por defecto, pero puede ser anulada con el parámetro "
+"default_shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
+"Si hay SIDs de grupos desde el dominio al que el cliente pertenece, el "
+"usuario será añadido a esos grupos."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
-msgstr ""
+msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
-msgstr ""
+msgstr "allowed_uids (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
"startup."
msgstr ""
+"Especifica la lista separada por comas de los valores UID o nombres de "
+"usuario que tiene el acceso permitido al respondedor PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
+"Por defecto: 0 (sólo el usuario root tiene permitido el acceso al "
+"respondedor PAC)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
"access the PAC responder, which would be the typical case, you have to add 0 "
"to the list of allowed UIDs as well."
msgstr ""
+"Por favor advierta que aunque la UID 0 se usa por defecto será anulada con "
+"esta opción. Si usted deses todavía permitir al usuario root acceder al "
+"respondedor PAC, que sería el caso típico, usted tiene que añadir 0 a la "
+"lista de UIDs permitidas también."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr "SECCIONES DE DOMINIO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr "min_id, max_id (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1313,79 +1513,116 @@ msgstr ""
"está fuera de estos límites, ésta es ignorada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
"primary group memberships, those that are in range will be reported as "
"expected."
msgstr ""
+"Para usuarios, esto afecta al límite primario GID. El usuario no será "
+"devuelto a NSS si bien la UID o el GID primario está fuera de rango. Para "
+"los miembros de grupos no primarios, aquellos que estén en rango serán "
+"reportados como en espera."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr "enumerar (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
+"Determina si un dominio puede ser enumerado. Este parámetro puede tener uno "
+"de los siguientes valores:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
-msgstr ""
+msgstr "TRUE = Usuarios y grupos son enumerados"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
-msgstr ""
+msgstr "FALSE = Sin enumeraciones para este dominio"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr "Predeterminado: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
+#, fuzzy
+#| msgid ""
+#| "Note: Enabling enumeration has a moderate performance impact on SSSD "
+#| "while enumeration is running. It may take up to several minutes after "
+#| "SSSD startup to fully complete enumerations. During this time, "
+#| "individual requests for information will go directly to LDAP, though it "
+#| "may be slow, due to the heavy enumeration processing."
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
+"Aviso: Habilitar la enumeración tiene un impacto moderado sobre el "
+"rendimiento sobre SSSD mientras está corriendo la enumeración. Puede llevar "
+"varios minutos desde que se inicia SSSD hasta que se completen totalmente "
+"las enumeraciones. Durante este tiempo, las peticiones individuales de "
+"información irán directamente a LDAP, piense que puede ser más lento, debido "
+"al pesado procesado de enumeración."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
+"Mientras está corriendo la primera enumeración, peticiones para el usuario "
+"completo o listas de grupo pueden no devolver resultados hasta que se "
+"completen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
"enumeration lookups are completed successfully. For more information, refer "
"to the man pages for the specific id_provider in use."
msgstr ""
+"Adicionalmente, la habilitación de la enumeración puede incrementar el "
+"tiempo necesario para detectar la desconexión de red, tanto como los tiempos "
+"de espera necesarios para asegurar que las búsquedas de enumeración se han "
+"completado. Para más información vea las páginas de manual para el "
+"específico id_provider en uso."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1394,219 +1631,284 @@ msgstr ""
"volver a consultar al backend"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr "Predeterminado: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_user_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
+"Cuantos segundos debería nss_sss considerar las entradas de usuario válidas "
+"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
-msgstr ""
+msgstr "Por defecto: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_group_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
+"Cuantos segundos debería nss_sss considerar las entradas de grupo válidas "
+"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_netgroup_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
+"Cuantos segundos debería nss_sss considerar las entradas de grupo de red "
+"válidas antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_service_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
+"Cuantos segundos debería nss_sss considerar las entradas de servicio válidas "
+"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_sudo_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
+"Cuantos segundos debería considerar las regulas sudo válidas antes de "
+"preguntar al backend otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_autofs_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
+"Cuantos segundos deberá considerar el servicio autofs los mapas de "
+"automontaje válidos antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
-msgstr ""
+msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
+"Determina si las credenciales del usuario están también escondidas en el "
+"cache LDB local"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Las credenciales de usuario son almacenadas en un hash SHA512, no en texto "
"plano"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
"value of this parameter must be greater than or equal to "
"offline_credentials_expiration."
msgstr ""
+"Entradas de números de días que son dejadas en el cache después del último "
+"login con éxito antes de ser borrado durante la limpieza de la cache. 0 "
+"significa mantener para siempre. El valor de este parámetro debe ser más "
+"grande o igual que offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr "Predeterminado: 0 (ilimitado)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
-msgstr ""
+msgstr "pwd_expiration_warning (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
"cannot display a warning. Also an auth provider has to be configured for the "
"backend."
msgstr ""
+"Por favor advierta que el servidor de backend tiene que suministrar "
+"información sobre la hora expiración de la contraseña. Si esta información "
+"está desaparecida, sssd no puede mostrar un aviso. También se tiene que "
+"configurar un proveedor de autorización para el backend."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
-msgstr ""
+msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr "id_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
+"El proveedor de identificación usado por el dominio. Los proveedores de ID "
+"soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
-msgstr ""
+#: sssd.conf.5.xml:1165
+#, fuzzy
+#| msgid "proxy: Support a legacy NSS provider"
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
+msgstr "proxy: Soporte un proveedor de legado NSS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
-msgstr ""
+msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
"information on configuring LDAP."
msgstr ""
+"<quote>ldap</quote>: Proveedor LDAP. Vea <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para más "
+"información sobre la configuración de LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
"FreeIPA."
msgstr ""
+"<quote>ipa</quote>: Proveedor FreeIPA y Red Hat Enterprise Identity "
+"Management. Vea <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la "
+"configuración de FreeIPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring Active Directory."
msgstr ""
+"<quote>ad</quote>: Proveedor Active Directory. Vea <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> para más información sobre la configuración de Active "
+"Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
-msgstr ""
+msgstr "use_fully_qualified_names (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
+"Utiliza el nombre completo y el dominio (formateado en el formato "
+"nombre_completo de dominio) como el nombre de acceso del usuario reportado a "
+"NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
"<command>getent passwd test</command> wouldn't find the user while "
"<command>getent passwd test@LOCAL</command> would."
msgstr ""
+"Si es TRUE, todas las peticiones a este dominio deben usar nombres "
+"totalmente cualificados. Por ejemplo, si se usa en el dominio LOCAL que "
+"contiene un usuario “test”, <command>getent passwd test</command> no "
+"encontraría al usuario mientras que <command>getent passwd test@LOCAL</"
+"command> lo haría."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1221
+#, fuzzy
+#| msgid "ipa_netgroup_member_user (string)"
+msgid "ignore_group_members (bool)"
+msgstr "ipa_netgroup_member_user (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr "auth_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1615,92 +1917,113 @@ msgstr ""
"autenticación soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
+"<quote>ldap</quote> para autenticación nativa LDAP. Vea <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> para más información sobre la configuración LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring Kerberos."
msgstr ""
+"<quote>krb5</quote> para autenticación Kerberos. Vea <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> para más información sobre la configuración de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
+"<quote>proxy</quote> para la reinstalación de la autenticación a algún otro "
+"objetivo PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
-msgstr ""
+msgstr "<quote>none</quote> deshabilita la autenticación explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
+"Por defecto: <quote>id_provider</quote> se usa si se ha fijado y puede "
+"manejar las peticiones de autenticación."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr "access_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
"Internal special providers are:"
msgstr ""
+"El proveedor de control de acceso usado por el dominio. Hay dos provedores "
+"de acceso integrados (además de cualquiera instalado en los finales). Los "
+"proveedores especiales internos son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
+"<quote>permit</quote> siempre permite el acceso. Es el proveedor de acceso "
+"sólo permitido para un dominio local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> siempre niega el acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> for more information on configuring the simple "
"access module."
msgstr ""
+"<quote>simple</quote> control de acceso basado en listas de acceso o "
+"denegación. Vea <citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> para más información sobre la "
+"configuración del módulo de acceso sencillo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr "Predeterminado: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr "chpass_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
+"El proveedor que debería manejar las operaciones de cambio de password para "
+"el dominio. Los proveedores de cambio de passweord soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1712,7 +2035,7 @@ msgstr ""
"configurar LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1723,212 +2046,266 @@ msgstr ""
"citerefentry> para más información sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
+"<quote>proxy</quote> para la reinstalación de cambios de password en algunos "
+"otros objetivos PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
"<quote>none</quote> deniega explícitamente los cambios en la contraseña."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
+"Por defecto: <quote>auth_provider</quote> se utiliza si se ha fijado y se "
+"puede manejar las peticiones de cambio de password."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
-msgstr ""
+msgstr "sudo_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
+"El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
+"<quote>ldap</quote> para reglas almacenadas en LDAP. Vea <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> para más información sobre la configuración LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
-msgstr ""
+msgstr "<quote>none</quote>deshabilita SUDO explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
+"Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
-msgstr ""
+msgstr "selinux_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
"providers are:"
msgstr ""
+"El proveedor que manejaría la carga de los ajustes selinux. Advierta que "
+"este proveedor será llamado justo después de que el proveedor de acceso "
+"finalice. Los proveedores selinux soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
+"<quote>ipa</quote> para cargar ajustes selinux desde un servidor IPA. Vea "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> para más información sobre la configuración de "
+"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
+"<quote>none</quote> deshabilita ir a buscar los ajustes selinux "
+"explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
+"Por defecto: <quote>id_provider</quote> se usa si está fijado y puede "
+"manejar las peticiones de carga selinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
-msgstr ""
+msgstr "subdomains_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
+#, fuzzy
+#| msgid ""
+#| "The provider which should handle fetching of subdomains. This value "
+#| "should be always the same as id_provider. Supported subdomain providers "
+#| "are:"
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
+"El proveedor que manejaría el buscador de subdominios. Este valor debería "
+"ser siempre el mismo que el proveedor de id. Los proveedores de subdominios "
+"soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
+"<quote>ipa</quote> para cargar una lista de subdominios desde un servidor "
+"IPA. Vea <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la "
+"configuración de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr "Predeterminado: none"
+"<quote>none</quote> deshabilita el buscador de subdominios explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
-msgstr ""
+msgstr "autofs_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
+"El proveedor autofs usado por el dominio. Los proveedores autofs soportados "
+"son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
+"<quote>ldap</quote> para cargar mapas almacenados en LDAP. Vea "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> para más información sobre la configuración de "
+"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring IPA."
msgstr ""
+"<quote>ipa</quote> para cargar mapas almacenados en un servidor IPA. Vea "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> para más información sobre la configuración de "
+"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
-msgstr ""
+msgstr "<quote>none</quote> deshabilita autofs explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
-msgstr ""
+msgstr "hostid_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
+"El proveedor usado para recuperar información de identidad de host. Los "
+"proveedores de hostid soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
+"quote>ipa</quote> para cargar la identidad del host almacenada en un "
+"servidor IPA. Vea <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> para más información sobre la "
+"configuración de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
-msgstr ""
+msgstr "<quote>none</quote> deshabilita hostid explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
+"Expresión regular para este dominio que describe como analizar la cadena que "
+"contiene el nombre de usuario y el dominio en estos componentes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
"P&lt;name&gt;[^@\\\\]+)$))</quote> which allows three different styles for "
"user names:"
msgstr ""
+"Por defecto para el proveedor AD e IPA: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
+"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
+"P&lt;name&gt;[^@\\\\]+)$))</quote> que permite tres estilos diferentes de "
+"nombres de usuario:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
-msgstr ""
+msgstr "nombre de usuario"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
-msgstr ""
+msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
-msgstr ""
+msgstr "dominio/nombre_de_usuario"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
+"Mientras los primeros dos corresponden al valor por defecto general el "
+"tercero se introduce para permitir una fácil integración de usuarios desde "
+"dominios Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1939,15 +2316,19 @@ msgstr ""
"el nombre, el dominio es el resto detrás de este signo\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
"version 7 or higher can support non-unique named subpatterns."
msgstr ""
+"POR FAVOR ADVIERTA: el soporte para subplantillas sin nombre único no está "
+"disponible en todas las plataformas (por ejemplo, RHEL5 y SLES10). Sólo las "
+"plataformas con la versión de libpcre 7 o superior pueden soportar las "
+"subplantillas sin nombre único."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -1956,195 +2337,226 @@ msgstr ""
"soportan la sintaxis Python (?P&lt;name&gt;) para identificar subpatrones."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
"a (name, domain) tuple for this domain into a fully qualified name."
msgstr ""
+"Un formato compatible con <citerefentry> <refentrytitle>printf</"
+"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> que describe como "
+"traducir un tupla (nombre, dominio) en un nombre totalmente cualificado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Predeterminado: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
+"Suministra la capacidad para seleccionar la familia de dirección preferente "
+"a usar cuando se lleven a cabo búsquedas DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr "Valores soportados:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr "Predeterminado: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
"the domain will continue to operate in offline mode."
msgstr ""
+"Define la cantidad de tiempo (en segundos) para esperar una respuesta desde "
+"el DNS antes de asumir que es inalcanzable. Si se alcanza este tiempo de "
+"espera, el dominio continuará operativo en modo fuera de línea."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
+"Si el descubridor de servicio se usa en el punto final, especifica la parte "
+"de dominio de la pregunta al descubridor de servicio DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Predeterminado: Utilizar la parte del dominio del nombre de host del equipo"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr "override_gid (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
-msgstr ""
+msgstr "Anula el valor primario GID con el especificado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
+"Trata a los nombres de usuario y grupo como sensibles al teclado. En este "
+"momento, esta opción no está soportada en el proveedor local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr "Predeterminado: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
-msgstr ""
+msgstr "proxy_fast_alias (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
"name was an alias. Setting this option to true would cause the SSSD to "
"perform the ID lookup from cache for performance reasons."
msgstr ""
+"Cuando un usuario o grupo es buscado por nombre en el proveedor proxy, una "
+"segunda búsqueda por ID es llevada a cabo para “estandarizar” el nombre en "
+"el caso de que el nombre pedido fuera un alias. Fijando esta opción a true "
+"se causaría que SSSD lleve a cabo una búsqueda de ID desde el escondrijo por "
+"razones de rendimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
-msgstr ""
+msgstr "subdomain_homedir (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
+"Usa este directorio home como valor por defecto para todos los subdominios "
+"dentro de este dominio. Vea <emphasis>override_homedir</emphasis> para más "
+"información sobre los posibles valores."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
+"Este valor puede ser anulado por la opción <emphasis>override_homedir</"
+"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
-msgstr ""
+msgstr "Por defecto: <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
+"Estas opciones de configuración pueden estar presentes en la sección "
+"configuración de dominio, esto es, en una sección llamada <quote>[domain/"
+"<replaceable>NAME</replaceable>]</quote> <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
-msgstr ""
+msgstr "El proxy de destino PAM próximo a."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
+"Por defecto: no se fija por defecto, usted tiene que coger una configuración "
+"pam existente o crear una nueva y añadir el nombre de servicio aquí."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
"for example _nss_files_getpwent."
msgstr ""
+"El nombre de la librería NSS para usar en los dominios proxy. Las funciones "
+"NSS buscadas dentro de la librería están el formato de _nss_$(libName)_"
+"$(function), por ejemplo _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2153,12 +2565,12 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr "La sección de dominio local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2169,29 +2581,29 @@ msgstr ""
"utiliza <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr "default_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"El shell predeterminado para los usuarios creados con herramientas de "
"espacio de usuario SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Predeterminado: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr "base_directory (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2201,46 +2613,50 @@ msgstr ""
"de inicio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr "Predeterminado: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr "create_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
+"Indica si se creará un directorio home por defecto para los nuevos usuarios. "
+"Puede ser anulado desde la línea de comando."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr "Predeterminado: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr "remove_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
+"Indica si el directorio home será borrado por defecto para los usuarios "
+"borrados. Puede ser anulado desde la línea de comando."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr "homedir_umask (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2251,17 +2667,17 @@ msgstr ""
"predeterminados en un directorio de inicio recién creado."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr "Predeterminado: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr "skel_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2274,54 +2690,60 @@ msgstr ""
"<manvolnum>8</manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Predeterminado: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr "mail_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
"default value is used."
msgstr ""
+"El directorio carreta de correo. Es necesario para manipular el buzón de "
+"correo cuando la cuenta de usuario correspondiente es modificada o borrada. "
+"Si no se especifica, se utiliza un valor por defecto."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr "Predeterminado: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
"return code of the command is not taken into account."
msgstr ""
+"El comando que está corriendo después de que un usuario es borrado. El "
+"comando us para el nombre de usuario que está siendo borrado como primer y "
+"único parámetro. El código de retorno del comando no es tenido en cuenta."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr "Predeterminado: None, no se ejecuta comando"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr "EJEMPLO"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2375,13 +2797,17 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
"configuring domains for more details. <placeholder type=\"programlisting\" "
"id=\"0\"/>"
msgstr ""
+"El siguiente ejemplo muestra una configuración SSSD típica. No describe la "
+"configuración de los dominios en si mismos – vea la documentación sobre la "
+"configuración de dominios para más detalles. <placeholder type="
+"\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16
@@ -2397,6 +2823,11 @@ msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for detailed syntax information."
msgstr ""
+"Esta página de manual describe la configuración de dominios LDAP para "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Vea la sección <quote>FILE FORMAT</quote> de la página de "
+"manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> para información detallada de la sintáxis."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:35
@@ -2414,9 +2845,16 @@ msgid ""
"<quote>ldap_access_filter</quote> config option for more information about "
"using LDAP as an access provider."
msgstr ""
+"El punto final de LDAP soporta proveedores de id, auth, acceso y chpass. Si "
+"usted desea autenticarse contra un servidor LDAP se requiere bien TLS/SSL o "
+"LDAPS. <command>sssd</command> <emphasis>no</emphasis> soporta autenticación "
+"sobre un canal no esncriptado. Si el servidor LDAP se usa sólo como un "
+"proveedor de identidad, no se necesita un canal encriptado. Por favor vea la "
+"opción de configuración <quote>ldap_access_filter</quote> para más "
+"información sobre la utilización de LDAP como proveedor de acceso."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr "OPCIONES DE CONFIGURACIÓN"
@@ -2424,7 +2862,7 @@ msgstr "OPCIONES DE CONFIGURACIÓN"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:60
msgid "ldap_uri, ldap_backup_uri (string)"
-msgstr ""
+msgstr "ldap_uri, ldap_backup_uri (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
@@ -2435,6 +2873,12 @@ msgid ""
"neither option is specified, service discovery is enabled. For more "
"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
+"Especifica una lista separada por comas de URIs del servidor LDAP al que "
+"SSSD se conectaría en orden de preferencia. Vea la sección "
+"<quote>CONMUTACIÓN EN ERROR</quote> para más información sobre la "
+"conmutación en error y la redundancia de servidor. Si no hay opción "
+"especificada, se habilita el descubridor de servicio. Para más información, "
+"vea la sección <quote>DESCUBRIDOR DE SERVICIOS</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:70
@@ -2462,7 +2906,7 @@ msgstr "ejemplo: ldap://[fc00::126:25]:389"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:85
msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)"
-msgstr ""
+msgstr "ldap_chpass_uri, ldap_chpass_backup_uri (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:88
@@ -2472,6 +2916,10 @@ msgid ""
"Refer to the <quote>FAILOVER</quote> section for more information on "
"failover and server redundancy."
msgstr ""
+"Especifica la lista separada por comas de URIs de los servidores LDAP a los "
+"que SSSD se conectaría con el objetivo preferente de cambiar la contraseña "
+"de un usuario. Vea la sección <quote>FAILOVER</quote> para más información "
+"sobre failover y redundancia de servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:95
@@ -2483,7 +2931,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
-msgstr ""
+msgstr "Por defecto: vacio, esto es ldap_uri se está usando."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:105
@@ -2503,6 +2951,8 @@ msgid ""
"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
"syntax:"
msgstr ""
+"Desde SSSD 1.7.0, SSSD soporta múltiples bases de búsqueda usando la "
+"sintaxis:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:116
@@ -2512,7 +2962,7 @@ msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:119
msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
-msgstr ""
+msgstr "El alcance puede ser uno de “base”, “onlevel” o “subtree”."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:122
@@ -2520,6 +2970,8 @@ msgid ""
"The filter must be a valid LDAP search filter as specified by http://www."
"ietf.org/rfc/rfc2254.txt"
msgstr ""
+"El filtro debe ser un filtro de búsqueda LDAP válido como se especifica en "
+"http://www.ietf.org/rfc/rfc2254.txt"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:126
@@ -2532,6 +2984,8 @@ msgid ""
"ldap_search_base = dc=example,dc=com (which is equivalent to) "
"ldap_search_base = dc=example,dc=com?subtree?"
msgstr ""
+"ldap_search_base = dc=example,dc=com (que es equivalente a) ldap_search_base "
+"= dc=example,dc=com?subtree?"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:134
@@ -2539,6 +2993,8 @@ msgid ""
"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
"(host=thishost)?dc=example.com?subtree?"
msgstr ""
+"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
+"(host=thishost)?dc=example.com?subtree?"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:137
@@ -2548,6 +3004,10 @@ msgid ""
"different search bases). This will lead to unpredictable behavior on client "
"machines."
msgstr ""
+"Nota: No está soportado tener múltiples bases de búsqueda que se referencien "
+"a objetos nombrados idénticamente (por ejemplo, grupos con el mismo nombre "
+"en dos bases de búsqueda diferentes). Esto llevara a comportamientos "
+"impredecibles sobre máquinas cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:144
@@ -2559,6 +3019,12 @@ msgid ""
"the search base of the LDAP server to make this work. Multiple values are "
"are not supported."
msgstr ""
+"Por defecto: no se fija, se usa el valor de los atributos "
+"defaultNamingContext o namingContexts de RootDSE del servidor LDAP usado. "
+"Si defaultNamingContext no existe o tiene un valor vacío se usa "
+"namingContexts. El atributo namingContexts debe tener un único valor con el "
+"DN de la base de búsqueda del servidor LDAP para hacer este trabajo. No se "
+"soportan múltiples valores."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:158
@@ -2572,31 +3038,35 @@ msgid ""
"the selected schema, the default attribute names retrieved from the servers "
"may vary. The way that some attributes are handled may also differ."
msgstr ""
+"Especifica el Tipo de Esquema en uso en el servidor LDAP objetivo. "
+"Dependiendo del esquema seleccionado, los nombres de atributos por defecto "
+"que se recuperan de los servidores pueden variar. La manera en que algunos "
+"atributos son manejados puede también diferir."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:168
msgid "Four schema types are currently supported:"
-msgstr ""
+msgstr "Cuatro tipos de esquema son actualmente soportados:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:172
msgid "rfc2307"
-msgstr ""
+msgstr "rfc2307"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:177
msgid "rfc2307bis"
-msgstr ""
+msgstr "rfc2307bis"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:182
msgid "IPA"
-msgstr ""
+msgstr "IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:187
msgid "AD"
-msgstr ""
+msgstr "AD"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:193
@@ -2608,6 +3078,13 @@ msgid ""
"attribute. The AD schema type sets the attributes to correspond with Active "
"Directory 2008r2 values."
msgstr ""
+"La principal diferencia entre estos tipos de esquemas es como las "
+"afiliaciones de grupo son grabadas en el servidor. Con rfc2307, los miembros "
+"de grupos son listados por nombre en el atributo <emphasis>memberUid</"
+"emphasis>. Con rfc2307bis e IPA, los miembros de grupo son listados por DN y "
+"almacenados en el atributo <emphasis>member</emphasis>. El tipo de esquema "
+"AD fija los atributos para corresponderse con los valores Active Directory "
+"2008r2."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:203
@@ -2623,6 +3100,7 @@ msgstr "ldap_default_bind_dn (cadena)"
#: sssd-ldap.5.xml:212
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
+"El enlazador DN por defecto a usar para llevar a cabo operaciones LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:219
@@ -2632,7 +3110,7 @@ msgstr "ldap_default_authtok_type (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:222
msgid "The type of the authentication token of the default bind DN."
-msgstr ""
+msgstr "El tipo de ficha de autenticación del enlazador DN por defecto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:226
@@ -2652,7 +3130,7 @@ msgstr "obfuscated_password"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:235
msgid "Default: password"
-msgstr ""
+msgstr "Por defecto: contraseña"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:241
@@ -2665,6 +3143,8 @@ msgid ""
"The authentication token of the default bind DN. Only clear text passwords "
"are currently supported."
msgstr ""
+"La ficha de autenticación del enlazador DN por defecto. Sólo se soportan "
+"actualmente password de texto claro."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:251
@@ -2794,7 +3274,7 @@ msgstr "Predeterminado: nsUniqueId"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:354
msgid "ldap_user_objectsid (string)"
-msgstr ""
+msgstr "ldap_user_objectsid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:357
@@ -2802,11 +3282,14 @@ msgid ""
"The LDAP attribute that contains the objectSID of an LDAP user object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
+"El atributo LDAP que contiene el objectSID de un objeto usuario LDAP. Esto "
+"es normalmente sólo necesario para servidores ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
+"Por defecto: objectSid para ActiveDirectory, no fijado para otros servidores."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:369
@@ -2840,6 +3323,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of "
"the last password change)."
msgstr ""
+"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
+"de un atributo LDAP correspondiente a su <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> homologo (fecha del último cambio de password)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:395
@@ -2859,6 +3346,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum "
"password age)."
msgstr ""
+"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
+"de un atributo LDAP correspondiente a su <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> homologo (edad mínima del password)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:413
@@ -2878,6 +3369,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum "
"password age)."
msgstr ""
+"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
+"de un atributo LDAP correspondiente a su <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> homologo (edad máxima del password)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:431
@@ -2897,6 +3392,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
"(password warning period)."
msgstr ""
+"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
+"de un atributo LDAP correspondiente a su <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> homologo (período de aviso de password)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:450
@@ -2916,6 +3415,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
"(password inactivity period)."
msgstr ""
+"Cuando se utiliza ldap_pwd_policy=shadow, este parámetro contiene el nombre "
+"de un atributo LDAP correspondiente a su <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> homologo (período de inactividad de password)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:469
@@ -2935,6 +3438,11 @@ msgid ""
"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> counterpart (account expiration date)."
msgstr ""
+"Cuando se utiliza ldap_pwd_policy=shadow o "
+"ldap_account_expire_policy=shadow, este parámetro contiene el nombre de un "
+"atributo correspondiente con su <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> homólogo (fecha de "
+"expiración de la cuenta)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:488
@@ -2953,6 +3461,9 @@ msgid ""
"an LDAP attribute storing the date and time of last password change in "
"kerberos."
msgstr ""
+"Cuando se utiliza ldap_pwd_policy=mit_kerberos, este parámetro contiene el "
+"nombre de un atributo LDAP que almacena la fecha y la hora del último cambio "
+"de password en kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:503
@@ -2970,6 +3481,9 @@ msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
msgstr ""
+"Cuando se utiliza ldap_pwd_policy=mit_kerberos, este parámetro contiene el "
+"nombre de un atributo LDAP que almacena la fecha y la hora en la que expira "
+"el password actual."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:518
@@ -2987,6 +3501,8 @@ msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
msgstr ""
+"Cuando se utiliza ldap_account_expire_policy=ad, este parámetro contiene el "
+"nombre de un atributo LDAP que almacena el tiempo de expiración de la cuenta."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:532
@@ -3004,6 +3520,9 @@ msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the user account control bit field."
msgstr ""
+"Cuando se usa ldap_account_expire_policy=ad, este parámetro contiene el "
+"nombre de un atributo LDAP que almacena el campo bit de control de la cuenta "
+"de usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:546
@@ -3021,6 +3540,8 @@ msgid ""
"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
"determines if access is allowed or not."
msgstr ""
+"Cuando se usa ldap_account_expire_policy=rhds o esquivalente, este parámetro "
+"determina si el acceso está permitido o no."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:560
@@ -3038,6 +3559,8 @@ msgid ""
"When using ldap_account_expire_policy=nds, this attribute determines if "
"access is allowed or not."
msgstr ""
+"Cuando se usa ldap_account_expire_policy=nds, este atributo determina si el "
+"acceso está permitido o no."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587
@@ -3055,6 +3578,8 @@ msgid ""
"When using ldap_account_expire_policy=nds, this attribute determines until "
"which date access is granted."
msgstr ""
+"Cuando se usa ldap_account_expire_policy=nds, este atributo determina hasta "
+"que fecha se concede el acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:593
@@ -3067,6 +3592,8 @@ msgid ""
"When using ldap_account_expire_policy=nds, this attribute determines the "
"hours of a day in a week when access is granted."
msgstr ""
+"Cuando se utiliza ldap_account_expire_policy=nds, este atributo determina la "
+"hora de un día en la semana cuando se concede el acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:601
@@ -3084,6 +3611,8 @@ msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
msgstr ""
+"El atributo LDAP que contiene le Nombre Principal de Usuario Kerberos (UPN) "
+"del usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:614
@@ -3093,12 +3622,12 @@ msgstr "Predeterminado: krbPrincipalName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:620
msgid "ldap_user_ssh_public_key (string)"
-msgstr ""
+msgstr "ldap_user_ssh_public_key (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:623
msgid "The LDAP attribute that contains the user's SSH public keys."
-msgstr ""
+msgstr "El atributo LDAP que contiene las claves públicas SSH del usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:630
@@ -3113,6 +3642,10 @@ msgid ""
"fail. Set this option to a non-zero value if you want to use an upper-case "
"realm."
msgstr ""
+"Algunos servidores de directorio, por ejemplo Active Directory, pueden "
+"entregar la parte real del UPN en minúsculas, lo que puede causar fallos de "
+"autenticación. Fije esta opción en un valor distinto de cero si usted desea "
+"usar mayúsculas reales."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:646
@@ -3125,11 +3658,13 @@ msgid ""
"Specifies how many seconds SSSD has to wait before refreshing its cache of "
"enumerated records."
msgstr ""
+"Especifica cuantos segundos SSSD tiene que esperar antes de refrescar su "
+"escondrijo de los registros enumerados."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:660
msgid "ldap_purge_cache_timeout (integer)"
-msgstr ""
+msgstr "ldap_purge_cache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:663
@@ -3138,6 +3673,9 @@ msgid ""
"with no members and users who have never logged in) and remove them to save "
"space."
msgstr ""
+"Determina la frecuencia de comprobación del cache para entradas inactivas "
+"(como grupos sin miembros y usuarios que nunca han accedido) y borrarlos "
+"para guardar espacio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:669
@@ -3163,8 +3701,8 @@ msgstr "El atributo LDAP que corresponde al nombre completo del usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr "Predeterminado: cn"
@@ -3176,10 +3714,10 @@ msgstr "ldap_user_member_of (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:695
msgid "The LDAP attribute that lists the user's group memberships."
-msgstr ""
+msgstr "El atributo LDAP que lista los afiliación a grupo de usario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr "Predeterminado: memberOf"
@@ -3195,6 +3733,9 @@ msgid ""
"use the presence of the authorizedService attribute in the user's LDAP entry "
"to determine access privilege."
msgstr ""
+"Si access_provider=ldap y ldap_access_order=authorized_service, SSSD "
+"utilizará la presencia del atributo authorizedService en la entrada LDAP del "
+"usuario para determinar el privilegio de acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:715
@@ -3202,6 +3743,8 @@ msgid ""
"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
+"Una denegación explícita (¡svc) se resuelve primero. Segundo, SSSD busca "
+"permiso explícito (svc) y finalmente permitir todo (*)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
@@ -3220,6 +3763,9 @@ msgid ""
"presence of the host attribute in the user's LDAP entry to determine access "
"privilege."
msgstr ""
+"Si access_provider=ldap y ldap_access_order=host, SSSD utilizará la "
+"presencia del atributo host en la entrada LDAP del usuario para determinar "
+"el privilegio de acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:735
@@ -3227,6 +3773,8 @@ msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
+"Una denegación explícita (¡host) se resuelve primero. Segundo, la búsqueda "
+"SSSD para permiso explícito (host) y finalmente permitir todo (*)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:740
@@ -3296,7 +3844,7 @@ msgstr "El atributo LDAP que contiene el UUID/GUID de un objeto de grupo LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:810
msgid "ldap_group_objectsid (string)"
-msgstr ""
+msgstr "ldap_group_objectsid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:813
@@ -3304,6 +3852,8 @@ msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
+"El atributo LDAP que contiene el objectSID de un objeto grupo LDAP. Esto es "
+"normalmente sólo necesario para servidores ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:825
@@ -3322,6 +3872,10 @@ msgid ""
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
"follow. This option has no effect on the RFC2307 schema."
msgstr ""
+"Si ldap_schema está fijado en un formato de esquema que soporte los grupos "
+"anidados (por ejemplo, RFC2307bis), entonces esta opción controla cuantos "
+"niveles de anidamiento seguirá SSSD. Este opción no tiene efecto en el "
+"esquema RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:848
@@ -3331,7 +3885,7 @@ msgstr "Predeterminado: 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:854
msgid "ldap_groups_use_matching_rule_in_chain"
-msgstr ""
+msgstr "ldap_groups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:857
@@ -3340,6 +3894,9 @@ msgid ""
"feature which may speed up group lookup operations on deployments with "
"complex or deep nested groups."
msgstr ""
+"Esta opción le dice a SSSD como tomar ventajar de una función específica de "
+"Active Directory que puede acelerar las operaciones de búsqueda de grupo son "
+"despliegues con grupos complejos o profundamente anidados."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:863
@@ -3347,6 +3904,9 @@ msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
+"En los casos más comunes, es mejor dejar esta opción deshabilitada. "
+"Generalmente sólo suministra un incremento de rendimiento en anidamientos "
+"muy complejos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
@@ -3355,6 +3915,9 @@ msgid ""
"supports it during initial connection. So \"True\" here essentially means "
"\"auto-detect\"."
msgstr ""
+"Si esta opción está habilitada, SSSD la usará si detecta que el servidor la "
+"soporta durante la conexión inicial. De modo que “True” aquí significa "
+"esencialmente “auto-detect”."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
@@ -3364,17 +3927,21 @@ msgid ""
"windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> "
"for more details."
msgstr ""
+"Nota: Esta función se sabe que actualmente trabajo sólo con Active Directory "
+"2008 R1 y posteriores. Vea <ulink url=\"http://msdn.microsoft.com/en-us/"
+"library/windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) "
+"documentation</ulink> para más detalles."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
-msgstr ""
+msgstr "Por defecto: False"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:886
msgid "ldap_initgroups_use_matching_rule_in_chain"
-msgstr ""
+msgstr "ldap_initgroups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:889
@@ -3383,6 +3950,9 @@ msgid ""
"feature which might speed up initgroups operations (most notably when "
"dealing with complex or deep nested groups)."
msgstr ""
+"Esta opción le dice a SSSD que tome ventaja de una función específica de "
+"Active Directory que puede acelerar las operaciones de inicio de grupo (más "
+"notable cuando se trata con grupos complejos o profundamente anidados)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:913
@@ -3397,7 +3967,7 @@ msgstr "La clase de objeto de una entrada netgroup en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:919
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
-msgstr ""
+msgstr "En proveedor IPA, ipa_netgroup_object_class, se usaría en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:923
@@ -3417,7 +3987,7 @@ msgstr "El atributo LDAP que corresponde al nombre del netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:936
msgid "In IPA provider, ipa_netgroup_name should be used instead."
-msgstr ""
+msgstr "Un proveedor IPA, ipa_netgroup_name sería usado en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:946
@@ -3428,11 +3998,12 @@ msgstr "ldap_netgroup_member (cadena)"
#: sssd-ldap.5.xml:949
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
+"El atributo LDAP que contiene los nombres de los miembros de grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:953
msgid "In IPA provider, ipa_netgroup_member should be used instead."
-msgstr ""
+msgstr "Un proveedor IPA, ipa_netgroup_member sería usado en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:957
@@ -3449,11 +4020,13 @@ msgstr "ldap_netgroup_triple (cadena)"
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
+"El atributo LDAP que contiene los (host, usuario, dominio) triples de grupo "
+"de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
msgid "This option is not available in IPA provider."
-msgstr ""
+msgstr "Esta opción no está disponible en el proveedor IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:973
@@ -3470,11 +4043,12 @@ msgstr "ldap_netgroup_uuid (cadena)"
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
+"El atributo LDAP que contiene el UUID/GUID de un objeto de grupo de red LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:986
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
-msgstr ""
+msgstr "Un proveedor IPA ipa_netgroup_uuid sería usado en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:996
@@ -3484,22 +4058,22 @@ msgstr "ldap_netgroup_modify_timestamp (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1012
msgid "ldap_service_object_class (string)"
-msgstr ""
+msgstr "ldap_service_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1015
msgid "The object class of a service entry in LDAP."
-msgstr ""
+msgstr "La clase objeto de una entrada de servicio en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1018
msgid "Default: ipService"
-msgstr ""
+msgstr "Por defecto: ipService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1024
msgid "ldap_service_name (string)"
-msgstr ""
+msgstr "ldap_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1027
@@ -3507,42 +4081,44 @@ msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
+"El atributo LDAP que contiene el nombre de servicio de atributos y sus alias."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1037
msgid "ldap_service_port (string)"
-msgstr ""
+msgstr "ldap_service_port (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1040
msgid "The LDAP attribute that contains the port managed by this service."
-msgstr ""
+msgstr "El atributo LDAP que contiene el puerto manejado por este servicio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1044
msgid "Default: ipServicePort"
-msgstr ""
+msgstr "Por defecto: ipServicePort"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1050
msgid "ldap_service_proto (string)"
-msgstr ""
+msgstr "ldap_service_proto (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1053
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
+"El atributo LDAP que contiene los protocolos entendidos por este servicio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1057
msgid "Default: ipServiceProtocol"
-msgstr ""
+msgstr "Por defecto: ipServiceProtocol"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1063
msgid "ldap_service_search_base (string)"
-msgstr ""
+msgstr "ldap_service_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1068
@@ -3556,6 +4132,9 @@ msgid ""
"before they are cancelled and cached results are returned (and offline mode "
"is entered)"
msgstr ""
+"Especifica el tiempo de salida (en segundos) que la búsqueda ldap está "
+"permitida para correr antes que de quea cancelada y los resultados "
+"escondidos devueltos (y se entra en modo fuera de línea)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1077
@@ -3564,9 +4143,13 @@ msgid ""
"will likely be replaced at some point by a series of timeouts for specific "
"lookup types."
msgstr ""
+"Nota: esta opción será sujeto de cambios en las futuras versiones del SSSD. "
+"Probablemente será sustituido en algunos puntos por una serie de tiempos de "
+"espera para tipos específicos de búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Predeterminado: 6"
@@ -3582,6 +4165,10 @@ msgid ""
"enumerations are allowed to run before they are cancelled and cached results "
"are returned (and offline mode is entered)"
msgstr ""
+"Especifica el tiempo de espera (en segundos) en los que las búsquedas ldap "
+"de enumeraciones de usuario y grupo están permitidas de correr antes de que "
+"sean canceladas y devueltos los resultados escondidos (y se entra en modo "
+"fuera de línea)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1105
@@ -3598,6 +4185,12 @@ msgid ""
"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
"citerefentry> returns in case of no activity."
msgstr ""
+"Especifica el tiempo de salida (en segudos) después del cual <citerefentry> "
+"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
+"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</"
+"manvolnum> </citerefentry> siguiendo un <citerefentry> "
+"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
+"citerefentry> vuelve en caso de no actividad."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1131
@@ -3611,6 +4204,10 @@ msgid ""
"will abort if no response is received. Also controls the timeout when "
"communicating with the KDC in case of SASL bind."
msgstr ""
+"Especifica un tiempo de salida (en segundos) después del cual las llamadas a "
+"APIs síncronos LDAP se abortarán si no se recibe respuesta. También controla "
+"el tiempo de salida cuando se está comunicando con el KDC en el caso del "
+"enlazador SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1146
@@ -3625,9 +4222,13 @@ msgid ""
"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. "
"the TGT lifetime) will be used."
msgstr ""
+"Especifica un tiempo de espera (en segundos) en el que se mantendrá una "
+"conexión a un servidor LDAP. Después de este tiempo, la conexión será "
+"restablecida. Si su usa en paralelo con SASL/GSSAPI, se usará el valor más "
+"temprano (este valor contra el tiempo de vida TGT)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr "Predeterminado: 900 (15 minutos)"
@@ -3642,6 +4243,8 @@ msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
+"Especifica el número de registros a recuperar desde una única petición LDAP. "
+"Algunos servidores LDAP hacen cumplir un límite máximo por petición."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1171
@@ -3651,7 +4254,7 @@ msgstr "Predeterminado: 1000"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1177
msgid "ldap_disable_paging (boolean)"
-msgstr ""
+msgstr "ldap_disable_paging (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1180
@@ -3660,6 +4263,9 @@ msgid ""
"server reports that it supports the LDAP paging control in its RootDSE but "
"it is not enabled or does not behave properly."
msgstr ""
+"Deshabilita el control de paginación LDAP. Esta opción se debería usar si el "
+"servidor LDAP reporta que soporta el control de paginación LDAP en sus "
+"RootDSE pero no está habilitado o no se comporta apropiadamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1186
@@ -3667,6 +4273,9 @@ msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
+"Ejemplo: los servidores OpenLDAP con el módulo de control de paginación "
+"instalado sobre el servidor pero no habilitado lo reportarán en el RootDSE "
+"pero es incapaz de usarlo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1192
@@ -3675,11 +4284,14 @@ msgid ""
"a time on a single connection. On busy clients, this can result in some "
"requests being denied."
msgstr ""
+"Ejemplo: 389 DS tiene un bug donde puede sólo soportar un control de "
+"paginación a la vez en una única conexión. Sobre clientes ocupados, esto "
+"puede ocasionar que algunas peticiones sean denegadas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1204
msgid "ldap_sasl_minssf (integer)"
-msgstr ""
+msgstr "ldap_sasl_minssf (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1207
@@ -3688,11 +4300,16 @@ msgid ""
"security level necessary to establish the connection. The values of this "
"option are defined by OpenLDAP."
msgstr ""
+"Cuando se está comunicando con un servidor LDAP usando SASL, especifica el "
+"nivel de seguridad mínimo necesario para establecer la conexión. Los valores "
+"de esta opción son definidos por OpenLDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1213
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
+"Por defecto: Usa el sistema por defecto (normalmente especificado por ldap."
+"conf)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1220
@@ -3706,12 +4323,17 @@ msgid ""
"cache in order to trigger a dereference lookup. If less members are missing, "
"they are looked up individually."
msgstr ""
+"Especifica el número de miembros del grupo que deben estar desaparecidos "
+"desde el escondrijo interno con el objetivo de disparar una búsqueda "
+"deference. Si hay menos miembros desaparecidos, se buscarán individualmente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1229
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
+"Usted puede quitar las búsquedas dereference completamente fijando el valor "
+"a 0."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1233
@@ -3721,6 +4343,10 @@ msgid ""
"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
"Directory."
msgstr ""
+"Una búsqueda dereference es un medio de descargar todos los miembros del "
+"grupo en una única llamada LDAP. Servidores diferentes LDAP pueden "
+"implementar diferentes métodos dereference. Los servidores actualmente "
+"soportados son 389/RHDS, OpenLDAP y Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1241
@@ -3729,6 +4355,9 @@ msgid ""
"filter, then the dereference lookup performance enhancement will be disabled "
"regardless of this setting."
msgstr ""
+"<emphasis>Nota:</emphasis> Si alguna de las bases de búsqueda especifica un "
+"filtro de búsqueda, la mejora del rendimiento de la búsqueda dereference "
+"será deshabilitado sin tener en cuenta este ajuste."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1254
@@ -3741,6 +4370,9 @@ msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
+"Especifica que comprobaciones llevar a cabo sobre los certificados del "
+"servidor en una sesión TLS, si las hay. Puede ser especificado como uno de "
+"los siguientes valores:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1263
@@ -3748,6 +4380,8 @@ msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
+"<emphasis>never</emphasis> = El cliente no pedirá o comprobará ningún "
+"certificado de servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1267
@@ -3756,6 +4390,9 @@ msgid ""
"certificate is provided, the session proceeds normally. If a bad certificate "
"is provided, it will be ignored and the session proceeds normally."
msgstr ""
+"<emphasis>allow</emphasis> = Se pide el certificado del servidor. Si no se "
+"suministra certificado, la sesión sigue normalmente. Si se suministra un "
+"certificado malo, será ignorado y la sesión continua normalmente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1274
@@ -3764,6 +4401,9 @@ msgid ""
"certificate is provided, the session proceeds normally. If a bad certificate "
"is provided, the session is immediately terminated."
msgstr ""
+"<emphasis>try</emphasis> = Se pide el certificado del servidor. Si no se "
+"suministra certificado, la sesión continua normalmente. Si se suministra un "
+"certificado malo, la sesión se termina inmediatamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1280
@@ -3772,6 +4412,9 @@ msgid ""
"certificate is provided, or a bad certificate is provided, the session is "
"immediately terminated."
msgstr ""
+"<emphasis>demand</emphasis> = Se pide el certificado del servidor. Si no se "
+"suministra certificado, o se suministra un certificado malo, la sesión se "
+"termina inmediatamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1286
@@ -3794,6 +4437,8 @@ msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
+"Especifica el fichero que contiene los certificados de todas las Autoridades "
+"de Certificación que <command>sssd</command> reconocerá."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
@@ -3801,6 +4446,8 @@ msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
+"Por defecto: use los valores por defecto OpenLDAP, normalmente en <filename>/"
+"etc/openldap/ldap.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1311
@@ -3815,6 +4462,11 @@ msgid ""
"be the hash of the certificate followed by '.0'. If available, "
"<command>cacertdir_rehash</command> can be used to create the correct names."
msgstr ""
+"Especifica la ruta de un directorio que contiene los certificados de las "
+"Autoridades de Certificación en ficheros individuales separados. Normalmente "
+"los nombres de fichero necesita ser el hash del certificado seguido por "
+"‘.0’. si esta disponible <command>cacertdir_rehash</command> puede ser usado "
+"para crear los nombres correctos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1329
@@ -3825,6 +4477,7 @@ msgstr "ldap_tls_cert (cadena)"
#: sssd-ldap.5.xml:1332
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
+"Especifica el fichero que contiene el certificado para la clave del cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1342
@@ -3848,11 +4501,14 @@ msgid ""
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
"<manvolnum>5</manvolnum></citerefentry> for format."
msgstr ""
+"Especifica los conjuntos aceptables de cifrado. Normalmente es una lista "
+"separada por dos puntos. Vea el formato en <citerefentry><refentrytitle>ldap."
+"conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1370
msgid "ldap_id_use_start_tls (boolean)"
-msgstr ""
+msgstr "ldap_id_use_start_tls (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1373
@@ -3860,11 +4516,13 @@ msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
+"Especifica que la id_de proveedor de la conexión debe también utilizar "
+"<systemitem class=\"protocol\">tls</systemitem> para proteger el canal."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1383
msgid "ldap_id_mapping (boolean)"
-msgstr ""
+msgstr "ldap_id_mapping (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1386
@@ -3873,11 +4531,15 @@ msgid ""
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
"on ldap_user_uid_number and ldap_group_gid_number."
msgstr ""
+"Especifica que SSSD intentaría mapear las IDs de usuario y grupo desde los "
+"atributos ldap_user_objectsid y ldap_group_objectsid en lugar de apoyarse en "
+"ldap_user_uid_number y ldap_group_gid_number."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1392
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
+"Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1402
@@ -3900,83 +4562,119 @@ msgstr "ldap_sasl_authid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1418
+#, fuzzy
+#| msgid ""
+#| "Specify the SASL authorization id to use. When GSSAPI is used, this "
+#| "represents the Kerberos principal used for authentication to the "
+#| "directory."
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
+"Especifica la id de autorización SASL a usar. Cuando se usa GSSAPI, esto "
+"representa el principal Kerberos usado para autenticación al directorio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
+msgstr "Por defecto: host/nombre_de_host@REALM"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1432
+#, fuzzy
+#| msgid "ldap_sasl_mech (string)"
+msgid "ldap_sasl_realm (string)"
+msgstr "ldap_sasl_mech (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
+"Si se fija en true, la librería LDAP llevaría a cabo una búsqueda inversa "
+"para para canocalizar el nombre de host durante una unión SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr "Predeterminado: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
-msgstr ""
+msgstr "Especifica la keytab a usar cuando se utilice SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
+"Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</"
+"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
-msgstr ""
+msgstr "ldap_krb5_init_creds (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
"GSSAPI."
msgstr ""
+"Especifica la id de proveedor que iniciaría las credenciales Kerberos (TGT). "
+"Esta acción se lleva a cabo sólo si SASL se usa y el mecanismo seleccionado "
+"es GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
-msgstr ""
+msgstr "Especifica el tiempo de vida en segundos del TGT si se usa GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr "Predeterminado: 86400 (24 horas)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
-msgstr ""
+msgstr "krb5_server, krb5_backup_server (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3986,59 +4684,75 @@ msgid ""
"discovery is enabled - for more information, refer to the <quote>SERVICE "
"DISCOVERY</quote> section."
msgstr ""
+"Especifica una lista separada por comas de direcciones IP o nombres de host "
+"de los servidores Kerberos a los cuales se conectaría SSSD en orden de "
+"preferencia. Para más información sobre failover y redundancia de servidor, "
+"vea la sección <quote>FAILOVER</quote>. Un número de puerto opcional "
+"(precedido de dos puntos) puede ser añadido a las direcciones o nombres de "
+"host. Si está vacío, el servicio descubridor está habilitado – para más "
+"información, vea la sección <quote>SERVICE DISCOVERY</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
"none are found."
msgstr ""
+"Cuando se utiliza el servicio descubiertos para servidores KDC o kpasswd, "
+"SSSD primero busca entradas DNS que especifiquen _udop como protocolo y "
+"regresa a _tcp si no se encuentra nada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
"migrate their config files to use <quote>krb5_server</quote> instead."
msgstr ""
+"Este opción se llamaba <quote>krb5_kdcip</quote> en las revisiones más "
+"tempranas de SSSD. Mientras el legado de nombre se reconoce por el tiempo "
+"que sea, los usuarios son advertidos para migrar sus ficheros de "
+"configuración para usar <quote>krb5_server</quote> en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
-msgstr ""
+msgstr "Especifica el REALM Kerberos (para autorización SASL/GSSAPI)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</"
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
+"Especifica si el host principal sería estandarizado cuando se conecte a un "
+"servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4047,78 +4761,100 @@ msgstr ""
"del cliente. Los siguientes valores son permitidos:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
+"<emphasis>none</emphasis> - Sin evaluación en el lado cliente. Esta opción "
+"no puede deshabilitar las políticas de password en el lado servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
"evaluate if the password has expired."
msgstr ""
+"<emphasis>shadow</emphasis> - Usa los atributos de estilo "
+"<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> para evaluar si la contraseña ha expirado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+"<emphasis>mit_kerberos</emphasis> - Usa los atributos utilizados por MIT "
+"Kerberos para determinar si el password ha expirado. Use "
+"chpass_provider=krb5 para actualizar estos atributos cuando se cambia el "
+"password."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr "Predeterminado: none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
+"Especifica si el seguimiento de referencias automático debería ser "
+"habilitado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
+"Por favor advierta que sssd sólo soporta seguimiento de referencias cuando "
+"está compilado con OpenLDAP versión 2.4.13 o más alta."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
"does not in fact require the use of referrals, setting this option to false "
"might bring a noticeable performance improvement."
msgstr ""
+"Al perseguir referencia se puede incurrir en una penalización de rendimiento "
+"en entornos que lo usen pesadamente, un ejemplo notable es Microsoft Active "
+"Directory. Si su ajuste no requieren de hecho el uso de referencias, fijar "
+"esta opción a false le llevará a una notable mejora de rendimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Especifica el nombre del servicio para utilizar cuando está habilitado el "
"servicio de descubrimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr "Predeterminado: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4128,29 +4864,31 @@ msgstr ""
"descubrimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
-msgstr ""
+msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
-msgstr ""
+msgstr "ldap_chpass_update_last_change (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
+"Especifica si actualizar el atributo ldap_user_shadow_last_change con días "
+"desde el Epoch después de una operación de cambio de contraseña."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4159,14 +4897,21 @@ msgid ""
"set, it will result in all users being denied access. Use access_provider = "
"permit to change this default behavior."
msgstr ""
+"Si se usa access_provider = ldap and ldap_access_order = filter (por "
+"defecto), esta opción es obligatoria. Especifica un criterio de filtro de "
+"búsqueda LDAP que debe ser encontrado para que el usuario obtenga acceso en "
+"este host. Si access_provider = ldap, ldap_access_order = filter y esta "
+"opción no está fijada, resultará que se denegará el acceso a todos los "
+"usuarios. Use access_provider = permit para cambiar este comportamiento por "
+"defecto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr "Ejemplo:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4178,108 +4923,132 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
+"Este ejemplo significa que el acceso a este host está restringido a miembros "
+"del grupo “allowedusers” en ldap."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
"access during their last login, they will continue to be granted access "
"while offline and vice-versa."
msgstr ""
+"El escondrijo fuera de línea para esta característica está limitado a "
+"determinar si el último login en línea del usuario alcanzó permiso de "
+"acceso. Si les fue concedido acceso durante su último login, continuará "
+"obteniendo acceso mientras esté fuera de línea y viceversa."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr "Predeterminado: vacío"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
+"Con esta opción pueden ser habilitados los atributos de evaluación de "
+"control de acceso del lado cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
"even if the password is correct."
msgstr ""
+"Por favor advierta que siempre se recomienda utilizar el control de acceso "
+"del lado servidor, esto es el servidor LDAP denegaría petición de enlace con "
+"una código de error definible aunque el password sea correcto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr "Los siguientes valores están permitidos:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
+"<emphasis>shadow</emphasis>: usa el valor de ldap_user_shadow_expire para "
+"determinar si la cuenta ha expirado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
"set. If the attribute is missing access is granted. Also the expiration time "
"of the account is checked."
msgstr ""
+"<emphasis>ad</emphasis>: usa el valor del campo de 32 bit "
+"ldap_user_ad_user_account_control y permite el acceso si el segundo bit no "
+"está fijado. Si el atributo está desaparecido se concede el acceso. También "
+"se comprueba el tiempo de expiración de la cuenta."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
"allowed or not."
msgstr ""
+"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
+"emphasis>: usa el valor de ldap_ns_account_lock para comprobar si se permite "
+"el acceso o no."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
"If both attributes are missing access is granted."
msgstr ""
+"<emphasis>nds</emphasis>: los valores de "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled y "
+"ldap_user_nds_login_expiration_time se usan para comprobar si el acceso está "
+"permitido. Si ambos atributos están desaparecidos se concede el acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"Lista separada por coma de opciones de control de acceso. Los valores "
"permitidos son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -4288,17 +5057,18 @@ msgstr ""
"autorizedService para determinar el acceso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
+"<emphasis>host</emphasis>: usa el atributo host para determinar el acceso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr "Predeterminado: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -4307,49 +5077,94 @@ msgstr ""
"una vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr "ldap_deref (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
+"Especifica cómo se hace la eliminación de referencias al alias cuando se "
+"lleva a cabo una búsqueda. Están permitidas las siguientes opciones:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
+"<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
+"<emphasis>searching</emphasis>: Las referencias al alias son eliminadas en "
+"subordinadas del objeto base, pero no en localización del objeto base de la "
+"búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
+"<emphasis>finding</emphasis>: Sólo se eliminarán las referencias a alias "
+"cuando se localice el objeto base de la búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
+"<emphasis>always</emphasis>: Las referencias al alias se eliminarán tanto "
+"para la búsqueda como en la localización del objeto base de la búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+"Por defecto: Vacío (esto es manejado como <emphasis>nunca</emphasis> por las "
+"librerías cliente LDAP)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+#, fuzzy
+#| msgid "ldap_krb5_init_creds (boolean)"
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr "ldap_krb5_init_creds (booleano)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
@@ -4360,448 +5175,511 @@ msgid ""
"manvolnum> </citerefentry> manual page for full details. <placeholder type="
"\"variablelist\" id=\"0\"/>"
msgstr ""
+"Todas las opciones de configuración comunes que se aplican a los dominios "
+"SSSD también se aplican a los dominios LDAP. Vea la sección <quote>DOMAIN "
+"SECTIONS</quote> de la página de manual <citerefentry> <refentrytitle>sssd."
+"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para detalles "
+"completos. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
-msgstr ""
+msgstr "OPCIONES SUDO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
-msgstr ""
+msgstr "ldap_sudorule_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
-msgstr ""
+msgstr "El objeto clase de una regla de entrada sudo en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
-msgstr ""
+msgstr "Por defecto: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
-msgstr ""
+msgstr "ldap_sudorule_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
-msgstr ""
+msgstr "El atributo LDAP que corresponde a la regla nombre de sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
-msgstr ""
+msgstr "ldap_sudorule_command (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
-msgstr ""
+msgstr "El atributo LDAP que corresponde al nombre de comando."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
-msgstr ""
+msgstr "Por defecto: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
-msgstr ""
+msgstr "ldap_sudorule_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
+"El atributo LDAP que corresponde al nombre de host (o dirección IP del host, "
+"red IP del host o grupo de red del host)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
-msgstr ""
+msgstr "Por defecto: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
-msgstr ""
+msgstr "ldap_sudorule_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
+"El atributo LDAP que corresponde al nombre de usuario (o UID. nombre de "
+"grupo o grupo de red del usuario)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
-msgstr ""
+msgstr "Por defecto: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
-msgstr ""
+msgstr "ldap_sudorule_option (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
-msgstr ""
+msgstr "El atributo LDAP que corresponde a las opciones sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
-msgstr ""
+msgstr "Por defecto: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
-msgstr ""
+msgstr "ldap_sudorule_runasuser (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
+"El atributo LDAP que corresponde al nombre de usuario que los comandos "
+"pueden ejecutar como."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
-msgstr ""
+msgstr "Por defectot: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
-msgstr ""
+msgstr "ldap_sudorule_runasgroup (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
+"El atributo LDAP que corresponde al nombre de grupo o GID de grupo que puede "
+"ejecutar comandos como."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
-msgstr ""
+msgstr "Por defecto: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
-msgstr ""
+msgstr "ldap_sudorule_notbefore (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
+"El atributo LDAP que corresponde al inicio de fecha/hora para cuando la "
+"regla sudo es válida."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
-msgstr ""
+msgstr "Por defecto: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
-msgstr ""
+msgstr "ldap_sudorule_notafter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
+"El atributo LDAP que corresponde a la fecha/hora final, después de la cual "
+"la regla sudo dejará de ser válida."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
-msgstr ""
+msgstr "Por defecto: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
-msgstr ""
+msgstr "ldap_sudorule_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
-msgstr ""
+msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
-msgstr ""
+msgstr "Por defecto: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
-msgstr ""
+msgstr "ldap_sudo_full_refresh_interval (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
+"Cuantos segundos esperará SSSD entre ejecutar un refresco total de las "
+"reglas sudo (que descarga todas las reglas que están almacenadas en el "
+"servidor)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
+"El valor debe ser mayor que <emphasis>ldap_sudo_smart_refresh_interval </"
+"emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
-msgstr ""
+msgstr "Por defecto: 21600 (6 horas)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
-msgstr ""
+msgstr "ldap_sudo_smart_refresh_interval (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
"of cached rules)."
msgstr ""
+"Cuantos segundos tiene que esperar SSSD antes de ejecutar una actualización "
+"inteligente de las reglas sudo (que descarga todas las reglas que tienen "
+"USBN más alto que el USN más alto de las reglas escondidas)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
+"Si los atributos USN no se soportan por el servidor, se usa en su lugar el "
+"atributo modifyTimestamp."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
-msgstr ""
+msgstr "ldap_sudo_use_host_filter (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
+"Si es true, SSSD descargará sólo las reglas que son aplicables a esta "
+"máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
-msgstr ""
+msgstr "ldap_sudo_hostnames (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
+"Lista separada por espacios de nombres de host o nombres de dominio "
+"totalmente cualificados que sería usada para filtrar las reglas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
+"Si esta opción está vacía, SSSD intentará descubrir el nombre de host y el "
+"nombre de dominio totalmente cualificado automáticamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
+"Si <emphasis>ldap_sudo_use_host_filter</emphasis> es <emphasis>false</"
+"emphasis> esta opción no tiene efecto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
-msgstr ""
+msgstr "Por defecto: no especificado"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
-msgstr ""
+msgstr "ldap_sudo_ip (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
+"Lista separada por espacios de direcciones de host/red IPv4 o IPv6 que sería "
+"usada para filtrar las reglas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
+"esta opción está vacía, SSSD intentará descrubrir las direcciones "
+"automáticamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
-msgstr ""
+msgstr "sudo_include_netgroups (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
+"Si está a true SSSD descargará cada regla que contenga un grupo de red en el "
+"atributo sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
-msgstr ""
+msgstr "ldap_sudo_include_regexp (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
+#, fuzzy
+#| msgid ""
+#| "If true then SSSD will download every rule that contains a netgroup in "
+#| "sudoHost attribute."
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
+"Si está a true SSSD descargará cada regla que contenga un grupo de red en el "
+"atributo sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
-msgstr ""
+msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </"
"citerefentry>"
msgstr ""
+"Esta página de manual sólo describe el atributo de nombre mapping. Para una "
+"explicación detallada de la semántica del atributo relacionada con sudo, vea "
+"<citerefentry> <refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</"
+"manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
-msgstr ""
+msgstr "OPCIONES AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
+"Por favor advierta que los valores por defecto corresponden al esquema por "
+"defecto del RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
-msgstr ""
+msgstr "ldap_autofs_map_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
-msgstr ""
+msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
-msgstr ""
+msgstr "Por defecto: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
-msgstr ""
+msgstr "ldap_autofs_map_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
-msgstr ""
+msgstr "El nombre de una entrada de mapa de automontaje en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
-msgstr ""
+msgstr "Por defecto: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
-msgstr ""
+msgstr "ldap_autofs_entry_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
-msgstr ""
+msgstr "ldap_autofs_entry_key (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
+"La clave de una entrada de automontaje en LDAP. La entrada corresponde "
+"normalmente a un punto de montaje."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
-msgstr ""
+msgstr "ldap_autofs_entry_value (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
-msgstr ""
+msgstr "Por defecto: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
"\"variablelist\" id=\"4\"/>"
msgstr ""
+"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
+"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
+"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
+"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr "OPCIONES AVANZADAS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
+"Esta opción especifica un criterio de filtro de búsqueda LDAP adicional que "
+"restringe las búsquedas del usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
+"Esta opción está <emphasis>obsoleta</emphasis> en favor de la sintaxis "
+"utilizada por ldap_user_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4811,60 +5689,82 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
+"Este filtro restringiría las búsquedas del usuario a los usuario que tengan "
+"su shell fijado en /bin/tcsh."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
+"Esta opción especifica un criterio de filtro de búsqueda LDAP adicional que "
+"restringe las búsquedas de grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
+"Esta opción está <emphasis>obsoleta</emphasis> en favor de la sintaxis "
+"utilizada por ldap_user_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
-msgstr ""
+msgstr "ldap_sudo_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
-msgstr ""
+msgstr "ldap_autofs_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
"are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
+"Estas opciones son soportadas por los dominios LDAP, pero sólo deberían ser "
+"utilizadas con precaución. Por favor inclúyalas en su configuración sólo si "
+"usted sabe lo que está haciendo. <placeholder type=\"variablelist\" id=\"0\"/"
+">"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
"section."
msgstr ""
+"El siguiente ejemplo asume que SSSS está configurado correctamente y LDAP "
+"está fijado a uno de los dominios de la sección <replaceable>[domains]</"
+"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
-#, no-wrap
+#: sssd-ldap.5.xml:2316
+#, fuzzy, no-wrap
+#| msgid ""
+#| " [domain/LDAP]\n"
+#| " id_provider = ldap\n"
+#| " auth_provider = ldap\n"
+#| " ldap_uri = ldap://ldap.mydomain.org\n"
+#| " ldap_search_base = dc=mydomain,dc=org\n"
+#| " ldap_tls_reqcert = demand\n"
+#| " cache_credentials = true\n"
+#| " enumerate = true\n"
msgid ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -4873,7 +5773,6 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -4885,25 +5784,30 @@ msgstr ""
" enumerate = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTAS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
"distribution."
msgstr ""
+"Las descripciones de algunas de las opciones de configuración en esta página "
+"de manual están basadas en la página de manual <refentrytitle>ldap.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> de la distribución "
+"OpenLDAP 2.4."
#. type: Content of: <refentryinfo>
#: pam_sss.8.xml:8 include/upstream.xml:2
@@ -4948,6 +5852,9 @@ msgid ""
"Services daemon (SSSD). Errors and results are logged through <command>syslog"
"(3)</command> with the LOG_AUTHPRIV facility."
msgstr ""
+"<command>pam_sss.so</command> es la interfaz PAM para el demonio Servicios "
+"de Seguridad de Sistema (SSSD). Los errores y resultados son registrados a "
+"través de <command>syslog(3)</command> con la facilidad LOG_AUTHPRIV."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:55
@@ -4957,7 +5864,7 @@ msgstr "<option>quiet</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:58
msgid "Suppress log messages for unknown users."
-msgstr ""
+msgstr "Suprime el registro de mensajes de usuarios desconocidos."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:63
@@ -4970,6 +5877,8 @@ msgid ""
"If <option>forward_pass</option> is set the entered password is put on the "
"stack for other PAM modules to use."
msgstr ""
+"Si <option>forward_pass</option> está fijada el password introducido se pone "
+"en la pila para que lo usen otros módulos PAM."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:73
@@ -4983,6 +5892,9 @@ msgid ""
"modules password and will never prompt the user - if no password is "
"available or the password is not appropriate, the user will be denied access."
msgstr ""
+"El argumento use_first_pass fuerza al módulo a usar un módulo de password "
+"apilado previamente y nunca preguntará al usuario - si no hay password "
+"disponible o el password no es apropiado, se denegará el acceso al usuario."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:84
@@ -4995,6 +5907,8 @@ msgid ""
"When password changing enforce the module to set the new password to the one "
"provided by a previously stacked password module."
msgstr ""
+"Cuando cambia el password fuerza al módulo a fijar el nuevo password a uno "
+"suministrado por un módulo de password previamente apilado."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:94
@@ -5007,6 +5921,8 @@ msgid ""
"If specified the user is asked another N times for a password if "
"authentication fails. Default is 0."
msgstr ""
+"Si el usuario especificado es preguntado N veces por un password si la "
+"autenticación falla. Por defecto es 0."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: pam_sss.8.xml:99
@@ -5015,11 +5931,14 @@ msgid ""
"calling PAM handles the user dialog on its own. A typical example is "
"<command>sshd</command> with <option>PasswordAuthentication</option>."
msgstr ""
+"Por favor advierta que esta opción puede no trabajar como se espera llamando "
+"PAM a manejar el diálogo de usuario por el mismo. Un ejecplo típico es "
+"<command>sshd</command> con <option>PasswordAuthentication</option>."
#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss.8.xml:110
msgid "MODULE TYPES PROVIDED"
-msgstr ""
+msgstr "TIPOS DE MÓDULOS SUMINISTRADOS"
#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:111
@@ -5027,6 +5946,8 @@ msgid ""
"All module types (<option>account</option>, <option>auth</option>, "
"<option>password</option> and <option>session</option>) are provided."
msgstr ""
+"Todos los tipos de módulos (<option>account</option>, <option>auth</option>, "
+"<option>password</option> y <option>session</option>) son suministrados."
#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss.8.xml:117
@@ -5040,6 +5961,10 @@ msgid ""
"does not support password resets, an individual message can be displayed. "
"This message can e.g. contain instructions about how to reset a password."
msgstr ""
+"Si un password se resetea por un fallo de root, como el correspondiente "
+"proveedor SSSD no soporta el reseteo de password, se puede mostrar un "
+"mensaje individual. Este mensaje puede, por ejemplo, contener instrucciones "
+"sobre como resetear un password."
#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:123
@@ -5052,6 +5977,14 @@ msgid ""
"the owner of the files and only root may have read and write permissions "
"while all other users must have only read permissions."
msgstr ""
+"El mensaje se lee desde el fichero <filename>pam_sss_pw_reset_message.LOC</"
+"filename> donde LOC destaca una cadena de lugar devuelta por <citerefentry> "
+"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </"
+"citerefentry>. Si no hay fichero coincidente se muestra el contenido de "
+"<filename>pam_sss_pw_reset_message.txt</filename>. Root debe ser el "
+"propietario de los ficheros y sólo root puede tener permisos de lectura y "
+"escritura mientras que todos los demás usuarios sólo tienen permisos de "
+"lectura."
#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:133
@@ -5060,6 +5993,9 @@ msgid ""
"DOMAIN_NAME/</filename>. If no matching file is present a generic message is "
"displayed."
msgstr ""
+"Estos ficheros son buscados en el directorio <filename>/etc/sssd/customize/"
+"DOMAIN_NAME/</filename>. Si no hay archivos coincidentes se muestra un "
+"mensaje genérico."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
@@ -5081,6 +6017,17 @@ msgid ""
"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>"
msgstr ""
+"El plugin localizador Kerberos <command>sssd_krb5_locator_plugin</command> "
+"se usa por el proveedor Kerberos de <citerefentry> <refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> para decir a las "
+"librerías Kerberos que Reino y que KDC usar. Normalmente esto se hace en "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> que es siempre leído por las librerías Kerberos. "
+"Para simplificar la configuración del Reino y el KDC puede ser definido en "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> como se describe en <citerefentry> "
+"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:48
@@ -5092,6 +6039,11 @@ msgid ""
"libraries it reads and evaluates these variables and returns them to the "
"libraries."
msgstr ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry> pone el Reino y el nombre o dirección IP del KDC en las "
+"variables de entorno SSSD_KRB5_REALM y SSSD_KRB5_KDC respectivamente. Cuando "
+"<command>sssd_krb5_locator_plugin</command> es llamado por las librerías "
+"kerberos lee y evalúa estas variables y se las devuelve a las librerías."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:63
@@ -5100,6 +6052,9 @@ msgid ""
"<command>sssd_krb5_locator_plugin</command> is not available on your system "
"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
msgstr ""
+"No todas las implementaciones Kerberos soportan el uso de plugins. Si "
+"<command>sssd_krb5_locator_plugin</command> no está disponible en su sistema "
+"usted tiene que editar /etc/krb5.conf para reflejar sus ajustes Kerberos."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:69
@@ -5107,6 +6062,8 @@ msgid ""
"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
"debug messages will be sent to stderr."
msgstr ""
+"Si la variable de entorno SSSD_KRB5_LOCATOR_DEBUR está fijada a cualquier "
+"valor los mensajes de depuración se enviarán a stderr."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
@@ -5117,6 +6074,8 @@ msgstr "sssd-simple"
#: sssd-simple.5.xml:17
msgid "the configuration file for SSSD's 'simple' access-control provider"
msgstr ""
+"el fichero de configuración para en proveedor de control de acceso 'simple' "
+"de SSSD"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:24
@@ -5128,6 +6087,12 @@ msgid ""
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> manual page."
msgstr ""
+"Esta página de manual describe la configuración del proveedor de control de "
+"acceso simple para <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>. Para una referencia detallada de "
+"sintaxis, vea la sección <quote>FILE FORMAT</quote> de la página de manual "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:38
@@ -5135,6 +6100,9 @@ msgid ""
"The simple access provider grants or denies access based on an access or "
"deny list of user or group names. The following rules apply:"
msgstr ""
+"El proveedor de acceso simple otorga o deniega el acceso en base a una lista "
+"de acceso o denegación de usuarios o grupo de nombres. Se aplican las "
+"siguientes reglas:"
#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-simple.5.xml:43
@@ -5147,6 +6115,9 @@ msgid ""
"If any list is provided, the order of evaluation is allow,deny. This means "
"that any matching deny rule will supersede any matched allow rule."
msgstr ""
+"Si se ha suministrado alguna lista, el orden de evaluación es permitir,"
+"denegar. Esto significa que cualquier regla de denegación será saltada por "
+"cualquier regla de permiso coincidente."
#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-simple.5.xml:54
@@ -5154,6 +6125,8 @@ msgid ""
"If either or both \"allow\" lists are provided, all users are denied unless "
"they appear in the list."
msgstr ""
+"Si una o ambas listas de \"permiso\" se suministran, todos los usuarios "
+"serán denegados a no ser que aparezcan en la lista."
#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-simple.5.xml:60
@@ -5161,6 +6134,8 @@ msgid ""
"If only \"deny\" lists are provided, all users are granted access unless "
"they appear in the list."
msgstr ""
+"Si sólo se suministran listas de \"denegación\", todos los usuarios "
+"obtendran acceso a no ser que aparezcan en la lista."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:78
@@ -5170,7 +6145,7 @@ msgstr "simple_allow_users (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-simple.5.xml:81
msgid "Comma separated list of users who are allowed to log in."
-msgstr ""
+msgstr "Lista separada por comas de usuarios a los está permitido el acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:88
@@ -5181,6 +6156,8 @@ msgstr "simple_deny_users (cadena)"
#: sssd-simple.5.xml:91
msgid "Comma separated list of users who are explicitly denied access."
msgstr ""
+"Lista separada por comas de usuarios a los que explicítamente se les deniega "
+"el acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:97
@@ -5193,6 +6170,9 @@ msgid ""
"Comma separated list of groups that are allowed to log in. This applies only "
"to groups within this SSSD domain. Local groups are not evaluated."
msgstr ""
+"Lista separada por comas de grupos que tienen permitido el acceso. Esto se "
+"aplica sólo a los grupos dentro del dominio SSSD. Los grupos locales no "
+"serán evaluados."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:108
@@ -5206,33 +6186,54 @@ msgid ""
"applies only to groups within this SSSD domain. Local groups are not "
"evaluated."
msgstr ""
+"Lista separada por comas de grupos a los que explicítamente se les deniega "
+"el acceso. Esto se aplica sólo a los grupos dentro del dominio SSSD. Los "
+"grupos locales no serán evaluados."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> manual page for details on the configuration of an SSSD "
"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
+"Vea la sección <quote>DOMAIN SECTIONS</quote> de la página de manual "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> para detalles sobre la configuración de un "
+"dominio SSSD. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
+"Por favor advierta que es un error de configuración si tanto, "
+"simple_allow_users como simple_deny_user, están definidos."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This examples shows only the simple access provider-specific options."
msgstr ""
+"El siguiente ejemplo asume que SSSD está correctamente configurado y example."
+"com es uno de los dominios en la sección <replaceable>[sssd]</replaceable>. "
+"Este ejemplo muestra sólo las opciones específicas del proveedor de acceso "
+"simple."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5257,6 +6258,12 @@ msgid ""
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""
+"Este página de manual describe la configuración del proveedor IPA para "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Para una referencia de sintaxis detalladas, vea la sección "
+"<quote>FILE FORMAT</quote> de la página de manual <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:36
@@ -5266,6 +6273,11 @@ msgid ""
"requires that the machine be joined to the IPA domain; configuration is "
"almost entirely self-discovered and obtained directly from the server."
msgstr ""
+"El proveedor IPA es un back end usado para conectar a un servidor IPA. (Vea "
+"el sitio web freeipa.org para información sobre los servidores IPA). Este "
+"proveedor requiere que la máquina este unido al dominio IPA; la "
+"configuración es casi enteramente auto descubierta y obtenida directamente "
+"del servidor."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:43
@@ -5276,6 +6288,11 @@ msgid ""
"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
"provider with some exceptions described below."
msgstr ""
+"El proveedor IPA acepta las mismas opciones usadas por el proveedor de "
+"identidad <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> y el proveedor de autenticación "
+"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> con algunas excepciones descritas abajo."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:55
@@ -5286,26 +6303,42 @@ msgid ""
"freeipa.org for more information about HBAC. No configuration of access "
"provider is required on the client side."
msgstr ""
+"Sin embargo, ni es necesario ni está recomendado fijar estas opciones. El "
+"proveedor IPA también puede ser usado como proveedor de acceso y cambio de "
+"contraseña. Como proveedor de acceso usa reglas HBAC (control de acceso "
+"basado en el host). Por favor vea freeipa.org para más información sobre "
+"HBAC. No se requiere configuración del proveedor de acceso en el lado "
+"cliente."
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr "ipa_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
+"Especifica el nombre del dominio IPA. Esto es opcional. Si no se suministra, "
+"se usa el nombre de configuración del dominio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
-msgstr ""
+msgstr "ipa_server, ipa_backup_server (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5313,530 +6346,678 @@ msgid ""
"This is optional if autodiscovery is enabled. For more information on "
"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
+"La lista separada por comas de direcciones IP o nombres de host de los "
+"servidores IPA a los que SSSD se conectaría en orden de preferencia. Para "
+"más información sobre conmutación en error y redundancia de servidores, vea "
+"la sección <quote>FAILOVER</quote>. Esto es opcional si autodiscovery está "
+"habilitado. Para más información sobre el servicio descubridor, vea la "
+"sección <quote>SERVICE DISCOVERY</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr "ipa_hostname (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
+"Opcional. Puede ser fijado en máquinas donde hostname(5) no refleja el "
+"nombre totalmente cualificado usado en el dominio IPA para identificar este "
+"host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr "ipa_dyndns_update (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
+"Opcional. Esta opción le dice a SSSD que actualice automáticamente el "
+"servidor DNS construido en FreeIPA v2 con la dirección IP de este cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
+"NOTA: Sobre sistemas más antiguos (como RHEL 5), para que este "
+"comportamiento trabaje fiablemente, el reino por defecto Kerberos debe ser "
+"fijado apropiadamente en /etc/krb5.conf"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+#, fuzzy
+#| msgid "pam_id_timeout (integer)"
+msgid "ipa_dyndns_ttl (integer)"
+msgstr "pam_id_timeout (entero)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 5 (seconds)"
+msgid "Default: 1200 (seconds)"
+msgstr "Predeterminado: 5 (segundos)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr "ipa_dyndns_iface (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
+"Opcional. Aplicable sólo cuando ipa_dyndns_update esta a cierto. Elige la "
+"interfaz cuya dirección IP sería usada para actualizaciones dinámicas DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "Predeterminado: Utilizar la dirección IP de la conexión IPA LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
+"Opcional. Usa la cadena dada como base de búsqueda para los objetos HBAC "
+"relacionados."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr "Predeterminado: Utilizar DN base"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
-msgstr ""
+msgstr "ipa_host_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
-msgstr ""
+msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
+"Vea <quote>ldap_search_base</quote> para información sobre la configuración "
+"de múltiples bases de búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
"will be ignored."
msgstr ""
+"Si se dan filtros en alguna base de búsqueda y "
+"<emphasis>ipa_hbac_support_srchost</emphasis> está fijado a False, el filtro "
+"será ingnorado."
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
-msgstr ""
+msgstr "ipa_selinux_search_base (cadena)Opcional. "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
+"Opcional. Usa la cadena dada como base de búsqueda para los mapas de usuario "
+"SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
-msgstr ""
+msgstr "ipa_subdomains_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
+"Opcional: Usa la cadena dada como base de búsqueda de dominios de confianza."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
-msgstr ""
+msgstr "Por defecto: el valor de <emphasis>cn=trusts,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
-msgstr ""
+msgstr "ipa_master_domain_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
+"Opcional: Usa la cadena dada como base de búsqueda para el objeto maestro de "
+"dominio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
-msgstr ""
+msgstr "Por defecto: el valor de <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
+"Verifica con la ayuda de krb5_keytab que el TGT obtenido no ha sido burlado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
+"Advierta que este valor por defecto difiere del proveedor back end "
+"tradicional de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
+"El nombre del reino Kerberos. Esto es opcional y por defecto está al valor "
+"de <quote>ipa_domain</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
+"El nombre del reino Kerberos tiene un significado especial en IPA – es "
+"convertido hacia la base DN para usarlo para llevar a cabo operaciones LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
"with MIT Kerberos >= 1.7"
msgstr ""
+"Especifica si el host y el usuario principal deberían ser estandarizados "
+"cuando se conecten a IPA LDAP y también para peticiones AS. Esta función "
+"está disponible con MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
"access-control requests made in a short period."
msgstr ""
+"La cantidad de tiempo entre vbúsquedas de las reglas HBAC contra el servidor "
+"IPA. Esto reducirá la latencia y la carga sobre el servidor IPA si hay "
+"muchas peticiones de control de acceso hechas en un corto período."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr "Predeterminado: 5 (segundos)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+#, fuzzy
+#| msgid "ipa_hbac_refresh (integer)"
+msgid "ipa_hbac_selinux (integer)"
+msgstr "ipa_hbac_refresh (entero)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+#, fuzzy
+#| msgid ""
+#| "The amount of time between lookups of the HBAC rules against the IPA "
+#| "server. This will reduce the latency and load on the IPA server if there "
+#| "are many access-control requests made in a short period."
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+"La cantidad de tiempo entre vbúsquedas de las reglas HBAC contra el servidor "
+"IPA. Esto reducirá la latencia y la carga sobre el servidor IPA si hay "
+"muchas peticiones de control de acceso hechas en un corto período."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
"client will support two modes of operation during this transition period:"
msgstr ""
+"Esta opción especifica cómo tratar las reglas HBAC tipo DENY obsoletas. A "
+"partir de FreeIPA v2.1, las reglas DENY no están soportadas en el servidor. "
+"Todos los usuario de FreeIPA necesitarán migrar sus reglas para usar sólo "
+"las reglas ALLOW. El cliente soportará dos modos de operación durante este "
+"período de transición:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
+"<emphasis>DENY_ALL</emphasis>: Si se detecta cualquier regla HBAC DENY, se "
+"les denegará el acceso a todos los usuarios."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
+"<emphasis>IGNORE</emphasis>: SSSD ignorará cualquier regla DENY. Sea muy "
+"cuidadoso con este opción, puesto que pueden abrirse accesos no pretendidos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr "Predeterminado: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr "ipa_hbac_support_srchost (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
-msgstr ""
+msgstr "Si se fija a false, el host fuente dado a SSSD por PAM será ignorado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
+"Advierta que si la fija a <emphasis>False</emphasis>, esta opción causa que "
+"los filtros dados en <emphasis>ipa_host_search_base</emphasis> sean "
+"ignorados;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
-msgstr ""
+msgstr "ipa_automount_location (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
-msgstr ""
+msgstr "La localización del automontador de este cliente IPA que será usada"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
-msgstr ""
+msgstr "Por defecto: La localización llamada “default”"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr "ipa_netgroup_member_of (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
-msgstr ""
+msgstr "El atributo LDAP que lista los afiliados del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr "ipa_netgroup_member_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
+"El atributo LDAP que lista los usuarios del sistema y grupos que son "
+"miembros directos del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr "Predeterminado: memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
+"El atributo LDAP que lista los host y grupos de host que son miembros "
+"directos del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr "Predeterminado: memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
+"El atributo LDAP que lista los FQDNs de host y grupos de host que son "
+"miembros del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr "Predeterminado: externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
+"El atributo LDAP que contiene el nombre de dominio NIS del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr "Predeterminado: nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
-msgstr ""
+msgstr "El objeto clase de una entrada host en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr "Predeterminado: ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
-msgstr ""
+msgstr "ipa_host_fqdn (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
-msgstr ""
+msgstr "El atributo LDAP que contiene el FQDN del host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
-msgstr ""
+msgstr "Por defecto: fqdn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
-msgstr ""
+msgstr "El atributo LDAP que contiene el nombre del mapa de usuario SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_member_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
+"El atributo LDAP que contiene todos los usuarios / grupos contra los que "
+"esta regla coincide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_member_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
+"El atributo LDAP que contiene todos los hosts /grupos de hosts contra los "
+"que esta regla coincide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_see_also (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
+"El atributo LDAP que contiene la regla DN de HBAC que puede ser usada en "
+"lugar de memberUser o memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
-msgstr ""
+msgstr "Por defecto: seeAlso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_selinux_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
-msgstr ""
+msgstr "El atributo LDAP que contiene la cadena de usuario SELinux mismo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
-msgstr ""
+msgstr "Por defecto: ipaSELinuxUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_enabled (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
+"El atributo LDAP que contiene si el mapa de usuario está o no habilitado "
+"para utilización."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
-msgstr ""
+msgstr "Por defecto: ipaEnabledFlag"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_user_category (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
-msgstr ""
+msgstr "El atributo LDAP que contiene la categoría del usuario como ‘all’."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
-msgstr ""
+msgstr "Por defecto: userCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_host_category (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
-msgstr ""
+msgstr "El atributo LDAP que contiene la categoría del host como ‘all’."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
-msgstr ""
+msgstr "Por defecto: hostCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_uuid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
-msgstr ""
+msgstr "El atributo LDAP que contiene la ID única del mapa de usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
-msgstr ""
+msgstr "Por defecto: ipaUniqueID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
-msgstr ""
+msgstr "ipa_host_ssh_public_key (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
-msgstr ""
+msgstr "El atributo LDAP que contiene las claves públicas SSH del host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
+msgstr "Por defecto: ipaSshPubKey"
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This examples shows only the ipa provider-specific options."
msgstr ""
+"El siguiente ejemplo asume que SSSD está correctamente configurado y example."
+"com es uno de los dominios en la sección <replaceable>[sssd]</replaceable>. "
+"Este ejemplo muestra sólo las opciones específicas del proveedor ipa."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5852,7 +7033,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ad.5.xml:10 sssd-ad.5.xml:16
msgid "sssd-ad"
-msgstr ""
+msgstr "sssd-ad"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:23
@@ -5863,6 +7044,12 @@ msgid ""
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""
+"Esta página de manual describe la configuración del proveedor AD para "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Para una referencia detallada de sintaxis, vea la sección "
+"<quote>FILE FORMAT</quote> de la página de manual <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:36
@@ -5871,6 +7058,9 @@ msgid ""
"This provider requires that the machine be joined to the AD domain and a "
"keytab is available."
msgstr ""
+"El proveedor AD es el punto final usado para conectar a un servidor Active "
+"Directory. Este proveedor requiere que la máquina se una al dominio AD y "
+"esté disponible una keytab."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:41
@@ -5878,6 +7068,9 @@ msgid ""
"The AD provider supports connecting to Active Directory 2008 R2 or later. "
"Earlier versions may work, but are unsupported."
msgstr ""
+"El proveedor AD soporta la conexión a Active Directory 2008 R2 o "
+"posteriores. Las versiones anteriores pueden trabajar, pero no está "
+"soportadas."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:45
@@ -5888,6 +7081,11 @@ msgid ""
"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
"provider with some exceptions described below."
msgstr ""
+"El proveedor de AD acepta las mismas opciones usadas por el proveedor de "
+"identidad <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> y el proveedor de autenticación "
+"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> con algunas excepciones descritas abajo."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:57
@@ -5896,6 +7094,10 @@ msgid ""
"AD provider can also be used as an access and chpass provider. No "
"configuration of the access provider is required on the client side."
msgstr ""
+"Sin embargo, no es necesario ni recomendable establecer estas opciones. El "
+"proveedor AD puede ser también usado como un proveedor de acceso y cambio de "
+"contraseña. No se requiere configuración del proveedor de acceso en el lado "
+"cliente."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ad.5.xml:69
@@ -5904,6 +7106,8 @@ msgid ""
"ldap_id_mapping = False\n"
" "
msgstr ""
+"ldap_id_mapping = False\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:63
@@ -5914,11 +7118,17 @@ msgid ""
"rely on POSIX attributes defined in Active Directory, you should set "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Por defecto, un proveedor AD mapeará valores UID y GID desde el parámetro "
+"objectSID en Active Directory. Para detalles sobre esto, vea la sección "
+"<quote>IDENTIFICACIÓN DEL MAPEO</quote> abajo. Si usted desea deshabilitar "
+"la idententificación del mapeo y en su lugar confiar en los atributos POSIX "
+"definidos en Active Directory, usted fijaría <placeholder type="
+"\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:83
msgid "ad_domain (string)"
-msgstr ""
+msgstr "ad_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:86
@@ -5926,6 +7136,8 @@ msgid ""
"Specifies the name of the Active Directory domain. This is optional. If not "
"provided, the configuration domain name is used."
msgstr ""
+"Especifica el nombre del dominio Active Directory. Esto es opcional. Si no "
+"se suministra, se usa la configuración del nombre de dominio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:91
@@ -5933,11 +7145,13 @@ msgid ""
"For proper operation, this option should be specified as the lower-case "
"version of the long version of the Active Directory domain."
msgstr ""
+"Para una operativa apropiada, esta opción sería especificada en la versión "
+"minúscula de la versión larga del dominio Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:99
msgid "ad_server, ad_backup_server (string)"
-msgstr ""
+msgstr "ad_server, ad_backup_server (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:102
@@ -5948,11 +7162,17 @@ msgid ""
"This is optional if autodiscovery is enabled. For more information on "
"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
+"La lista separada por comas de direcciones IP o nombres de host de los "
+"servidores AD a los que SSSD se conectaría en orden de preferencia. para más "
+"información sobre conmutación en error y redundancia de servidores, vea la "
+"sección <quote>FAILOVER</quote>. Estos es opcional si está habilitado el "
+"autodescubrimiento. Para más información sobre el servicio descubridor, vea "
+"la sección <quote>SERVICE DISCOVERY</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:115
msgid "ad_hostname (string)"
-msgstr ""
+msgstr "ad_hostname (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:118
@@ -5961,6 +7181,9 @@ msgid ""
"fully qualified name used in the Active Directory domain to identify this "
"host."
msgstr ""
+"Opcional. Puede ser fijada en máquinas donde el hostname(5) no refleja el "
+"nombre totalmente cualificado usaro en el dominio Active Directory para "
+"identificar este host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:124
@@ -5968,6 +7191,8 @@ msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
+"Este campo se usa para determinar el host principal en uso en la keytab. "
+"Debe coincidir con el nombre del host desde que se envío la keytab."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:193
@@ -5976,17 +7201,22 @@ msgid ""
"fallback_homedir = /home/%u\n"
" "
msgstr ""
+"fallback_homedir = /home/%u\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This example shows only the AD provider-specific options."
msgstr ""
+"El siguiente ejemplo asume que SSSD está correctamente configurado y example."
+"com es uno de los dominios en la sección <replaceable>[sssd]</replaceable>. "
+"Este ejemplo muestra sólo las opciones específicas del proveedor AD."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5999,11 +7229,44 @@ msgid ""
"ad_hostname = client.example.com\n"
"ad_domain = example.com\n"
msgstr ""
+"[domain/EXAMPLE]\n"
+"id_provider = ad\n"
+"auth_provider = ad\n"
+"access_provider = ad\n"
+"chpass_provider = ad\n"
+"\n"
+"ad_server = dc1.example.com\n"
+"ad_hostname = client.example.com\n"
+"ad_domain = example.com\n"
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
-msgstr ""
+msgstr "sssd-sudo"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+#, fuzzy
+#| msgid "Configuring sudo to cooperate with SSSD"
+msgid "Configuring sudo with the SSSD back end"
+msgstr "Configurando sudo para cooperar con SSSD"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
@@ -6013,11 +7276,15 @@ msgid ""
"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules."
msgstr ""
+"Esta página de manual describe como configurar <citerefentry> "
+"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
+"para trabajar con <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> y como SSSD esconde reglas sudo."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:36
msgid "Configuring sudo to cooperate with SSSD"
-msgstr ""
+msgstr "Configurando sudo para cooperar con SSSD"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:38
@@ -6027,6 +7294,10 @@ msgid ""
"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."
msgstr ""
+"Para habilitar SSSD como una fuente de reglas sudo, añada <emphasis>sss</"
+"emphasis> a la entrada <emphasis>sudoers</emphasis> en <citerefentry> "
+"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:47
@@ -6037,12 +7308,17 @@ msgid ""
"local users) and then in SSSD, the nsswitch.conf file should contain the "
"following line:"
msgstr ""
+"Por ejemplo, para configurar sudo para primero buscar reglas en el fichero "
+"<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> estándar (que contendría reglas para aplicar al "
+"usuario local) y después en SSSD, el fichero nsswitch.conf contiene la "
+"siguiente línea:"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-sudo.5.xml:57
#, no-wrap
msgid "sudoers: files sss\n"
-msgstr ""
+msgstr "sudoers: files sss\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:61
@@ -6053,11 +7329,16 @@ msgid ""
"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."
msgstr ""
+"Más información sobre la configuración del orden de búsqueda de sudoers "
+"desde el fichero nsswuitch.conf así información sobre el esquema LDAP que se "
+"usa para almacenar reglas sudo en el directorio se puede encontrar en "
+"<citerefentry> <refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:72
msgid "Configuring SSSD to fetch sudo rules"
-msgstr ""
+msgstr "Configurando SSSD para ir a buscar reglas sudo"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:74
@@ -6065,6 +7346,8 @@ msgid ""
"The following example shows how to configure SSSD to download sudo rules "
"from an LDAP server."
msgstr ""
+"El siguiente ejemplo muestra como configurar SSSD para descargar reglas sudo "
+"desde un servidor LDAP."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-sudo.5.xml:79
@@ -6081,6 +7364,16 @@ msgid ""
"ldap_uri = ldap://example.com\n"
"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
msgstr ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ldap\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:92
@@ -6091,6 +7384,11 @@ msgid ""
"server, because SSSD does not have native support of IPA provider for sudo "
"yet."
msgstr ""
+"El siguiente ejemplo ilustra el ajuste de SSSD para descargar reglas sudo "
+"desde un servidor IPA. Es necesario usar el proveedor LDAP y fijar los "
+"parámetros de conexión apropiados para autenticarse correctamente contra el "
+"servidor IPA, puesto que SSSD no tiene soporte nativo de proveedor IPA para "
+"sudo todavía."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-sudo.5.xml:100
@@ -6115,11 +7413,29 @@ msgid ""
"ldap_sasl_realm = EXAMPLE.COM\n"
"krb5_server = ipa.example.com\n"
msgstr ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ipa\n"
+"ipa_domain = example.com\n"
+"ipa_server = ipa.example.com\n"
+"ldap_tls_cacert = /etc/ipa/ca.crt\n"
+"\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://ipa.example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
+"ldap_sasl_mech = GSSAPI\n"
+"ldap_sasl_authid = host/hostname.example.com\n"
+"ldap_sasl_realm = EXAMPLE.COM\n"
+"krb5_server = ipa.example.com\n"
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:123
msgid "The SUDO rule caching mechanism"
-msgstr ""
+msgstr "El mecanismo de almacenamiento en cache de regla SUDO"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:125
@@ -6131,6 +7447,13 @@ msgid ""
"of updates. They are referred to as full refresh, smart refresh and rules "
"refresh."
msgstr ""
+"El mayor desafío, cuando se desarrolla soporte sudo en SSSD, fue asegurar "
+"que ejecutando sudo con SSSD como la fuente de datos suministre la misma "
+"experiencia de usuario y sea tan rápido como sudo pero se mantenga "
+"proporcionando el conjunto más actual de reglas como sea posible. Para "
+"satisfacer estos requisitos, SSSD usa tres clases de actualizaciones. A "
+"ellas nos referimos como refresco total, refresco inteligente y refresco de "
+"reglas."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:133
@@ -6140,6 +7463,11 @@ msgid ""
"database growing by fetching only small increments that do not generate "
"large amounts of network traffic."
msgstr ""
+"El <emphasis>refresco inteligente</emphasis> periódicamente descarga reglas "
+"que son nuevas o fueron modificadas desde la última actualización. Su "
+"objetivo principal es mantener la base de datos creciendo mediante la "
+"atracción de pequeños incrementos que no generen grandes cantidades de "
+"tráfico de red."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:139
@@ -6151,6 +7479,12 @@ msgid ""
"and thus it should be run only occasionally depending on the size and "
"stability of the sudo rules."
msgstr ""
+"<emphasis>full refresh</emphasis> simplemente refresca todas las reglas sudo "
+"almacenadas en el cache y las reemplaza con las reglas que están almacenadas "
+"en el servidor. Esto se usa para mantener el cache consistente borrando cada "
+"regla que fue borrada del servidor. Sin embargo, un refresco total puede "
+"producir gran cantidad de tráfico y por lo tanto debería ser ejecutado sólo "
+"ocasionalmente dependiendo del tamaño y de la estabilidad de las reglas sudo."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:147
@@ -6162,6 +7496,13 @@ msgid ""
"these rules are missing on the server, the SSSD will do an out of band full "
"refresh because more rules (that apply to other users) may have been deleted."
msgstr ""
+"El <emphasis>refresco de reglas</emphasis> asegura que no concedamos más "
+"permisos al usuario que los definidos. Se dispara cada vez que el usuario "
+"ejecuta sudo. El refresco de reglas encontrará todas las reglas que se "
+"apliquen a ese usuario, comprobará su tiempo de expiración y las recargará "
+"si han expirado. En el caso de que alguna de esas reglas estén desaparecidas "
+"del servidor, SSSD hará un refresco total fuera de banda puesto que más "
+"reglas (que apliquen a otros usuarios) pueden haber sido borradas."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:156
@@ -6170,36 +7511,41 @@ msgid ""
"This means rules that contain one of the following values in "
"<emphasis>sudoHost</emphasis> attribute:"
msgstr ""
+"Si está habilitado, SSSD almacenará sólo las reglas que pueden ser aplicadas "
+"a esa máquina. Esto indica reglas que contienen uno de los siguientes "
+"valores en el atributo <emphasis>sudoHost</emphasis>:"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:163
msgid "keyword ALL"
-msgstr ""
+msgstr "keyword ALL"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:173
msgid "netgroup (in the form \"+netgroup\")"
-msgstr ""
+msgstr "netgroup (en la forma \"+netgroup\")"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:178
msgid "hostname or fully qualified domain name of this machine"
msgstr ""
+"nombre de host o nombre de dominio totalmente cualificado de esta máquina"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:183
msgid "one of the IP addresses of this machine"
-msgstr ""
+msgstr "una de las direcciones IP de esta máquina"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:188
msgid "one of the IP addresses of the network (in the form \"address/mask\")"
msgstr ""
+"una de las direcciones IP de la red (en la forma \"dirección/máscara\")"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:194
@@ -6210,6 +7556,11 @@ msgid ""
"citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
msgstr ""
+"Hay muchas opciones de configuración que pueden ser usadas para ajustar el "
+"comportamiento. Por favor vea \"ldap_sudo_*\" en <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> y \"sudo_*\" en citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd.8.xml:10 sssd.8.xml:15
@@ -6241,6 +7592,14 @@ msgid ""
"FreeIPA. It provides a more robust database to store local users as well as "
"extended user data."
msgstr ""
+"<command>SSSD</command> suministra un conjunto de demonios para gestionar el "
+"acceso a directorios remotos y mecanismos de autenticación. Suministra una "
+"interfaz NSS y PAM hacia el sistema y un sistema de parte trasera conectable "
+"para conectar múltiples fuentes de cuentas diferentes así como interfaz D-"
+"Bus. Es también la base para suministrar servicios de auditoría y política a "
+"los clientes para proyectos como FreeIPA. Suministra una base de datos más "
+"robusta para almacenar los usuarios locales así como datos de usuario "
+"extendidos."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:46
@@ -6298,6 +7657,9 @@ msgid ""
"are stored in <filename>/var/log/sssd</filename> and there are separate log "
"files for every SSSD service and domain."
msgstr ""
+"Envía la salida de depuración a ficheros en lugar de a stderr. Por defecto, "
+"los ficheros de registro se almacenan en <filename>/var/log/sssd</filename> "
+"y hay ficheros de registro separados para cada servicio y dominio SSSD."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:97
@@ -6332,6 +7694,11 @@ msgid ""
"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""
+"Especifica un fichero de configuración distinto al de por defecto. El por "
+"defecto es <filename>/etc/sssd/sssd.conf</filename>. Para referencia sobre "
+"las opciones y sintaxis del fichero de configuración, consulta la página de "
+"manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:135
@@ -6341,7 +7708,7 @@ msgstr "<option>--version</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:139
msgid "Print version number and exit."
-msgstr ""
+msgstr "Imprimir número de versión y salir."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.8.xml:147
@@ -6359,6 +7726,8 @@ msgid ""
"Informs the SSSD to gracefully terminate all of its child processes and then "
"shut down the monitor."
msgstr ""
+"Informa a SSSD para terminar graciosamente todos sus procesos hijos y "
+"después para el monitor."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:159
@@ -6372,6 +7741,9 @@ msgid ""
"close and reopen them. This is meant to facilitate log rolling with programs "
"like logrotate."
msgstr ""
+"Le dice a SSSD que pare de escribir en su fichero descriptor de depuración "
+"actual y cerrar y reabrirlo. Esto significa facilitar la circulación de "
+"registro con programas como logrotate."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:170
@@ -6384,6 +7756,8 @@ msgid ""
"Tells the SSSD to simulate offline operation for one minute. This is mostly "
"useful for testing purposes."
msgstr ""
+"Le dice a SSSD que simule la operación fuera de línea por un minuto. Esto es "
+"mayormente útil para propósitos de prueba."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:179
@@ -6396,6 +7770,8 @@ msgid ""
"Tells the SSSD to go online immediately. This is mostly useful for testing "
"purposes."
msgstr ""
+"Le dice a SSD que se ponga en línea inmediatamente. Esto es mayormente útil "
+"para propósitos de prueba."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
@@ -6405,7 +7781,7 @@ msgstr "sss_obfuscate"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_obfuscate.8.xml:16
msgid "obfuscate a clear text password"
-msgstr ""
+msgstr "oscurecer un password en texto claro"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_obfuscate.8.xml:21
@@ -6425,6 +7801,9 @@ msgid ""
"unreadable format and places it into appropriate domain section of the SSSD "
"config file."
msgstr ""
+"<command>sss_obfuscate</command> convierte una contraseña dada en un formato "
+"no legible y la sitúa en la sección apropiada del dominio del fichero de "
+"configuración SSSD."
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_obfuscate.8.xml:37
@@ -6437,6 +7816,13 @@ msgid ""
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more details on these parameters."
msgstr ""
+"La contraseña en texto claro es leída desde la entrada estándar e "
+"introducida interactivamente. La contraseña ofuscada se pone en el parámetro "
+"<quote>ldap_default_authtok</quote> de un dominio SSSD dado y el parámetro "
+"<quote>ldap_default_authtok_type</quote> se fija a "
+"<quote>obfuscated_password</quote>. Vea <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para más "
+"detalles sobre estos parámetros."
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_obfuscate.8.xml:49
@@ -6447,6 +7833,11 @@ msgid ""
"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
"advised."
msgstr ""
+"Por favor advierta que oscurecer la contraseña <emphasis>no suministra un "
+"beneficio real de seguridad</emphasis> y es posible para un atacante "
+"mediante ingeniería inversa volver atrás la contraseña. Se recomienda "
+"<emphasis>firmemente</emphasis> el uso de mejores mecanismos de "
+"autenticación como certificados en el lado cliente o GSSAPI."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_obfuscate.8.xml:63
@@ -6456,7 +7847,7 @@ msgstr "<option>-s</option>,<option>--stdin</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_obfuscate.8.xml:67
msgid "The password to obfuscate will be read from standard input."
-msgstr ""
+msgstr "La contraseña a oscurecer será leída desde la entrada estándar."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:79
@@ -6474,6 +7865,8 @@ msgid ""
"The SSSD domain to use the password in. The default name is <quote>default</"
"quote>."
msgstr ""
+"El dominio SSSD en el que usar la contraseña. El nombre por defecto es "
+"<quote>default</quote>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_obfuscate.8.xml:86
@@ -6487,6 +7880,7 @@ msgstr ""
#: sss_obfuscate.8.xml:91
msgid "Read the config file specified by the positional parameter."
msgstr ""
+"Lee el fichero de configuración especificado por el parámetro posicional."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_obfuscate.8.xml:95
@@ -6520,6 +7914,9 @@ msgid ""
"<command>sss_useradd</command> creates a new user account using the values "
"specified on the command line plus the default values from the system."
msgstr ""
+"<command>sss_useradd</command> crea una nueva cuenta de usuario usando los "
+"valores especificados en la línea de comandos más los valores por defecto "
+"del sistema."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:43 sss_seed.8.xml:76
@@ -6534,6 +7931,8 @@ msgid ""
"Set the UID of the user to the value of <replaceable>UID</replaceable>. If "
"not given, it is chosen automatically."
msgstr ""
+"Fija la UID del usuario al valor de <replaceable>UID</replaceable>. Si no se "
+"da, se elige automáticamente."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100
@@ -6550,6 +7949,8 @@ msgid ""
"Any text string describing the user. Often used as the field for the user's "
"full name."
msgstr ""
+"Cualquier cadena de texto describiendo al usuario. Frecuentemente se usa "
+"como el campo para el nombre completo del usuario."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112
@@ -6569,6 +7970,11 @@ msgid ""
"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/"
"baseDirectory</quote> setting in sssd.conf."
msgstr ""
+"El directorio home de la cuenta de usuario. Por defecto se añade el nombre "
+"<replaceable>LOGIN</replaceable> a <filename>/home</filename> y utiliza esto "
+"como directorio home. La base de que se antepondrá antes <replaceable>LOGIN</"
+"replaceable> es sintonizable con el ajuste <quote>user_defaults/"
+"baseDirectory</quote> en sssd.conf."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124
@@ -6584,6 +7990,9 @@ msgid ""
"filename>. The default can be changed with <quote>user_defaults/"
"defaultShell</quote> setting in sssd.conf."
msgstr ""
+"La shell de acceso del usuario. Por defecto es actualmente <filename>/bin/"
+"bash</filename>. El valor por defecto puede ser cambiado con el ajuste "
+"<quote>user_defaults/defaultShell</quote> en sssd.conf."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:96
@@ -6598,6 +8007,7 @@ msgstr ""
#: sss_useradd.8.xml:101
msgid "A list of existing groups this user is also a member of."
msgstr ""
+"Una lista de grupos existentes de los que el usuario también es miembro."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:107
@@ -6611,6 +8021,10 @@ msgid ""
"directories contained in the skeleton directory (which can be defined with "
"the -k option or in the config file) will be copied to the home directory."
msgstr ""
+"Crea el directorio home del usuario si no existe. Los ficheros y directorios "
+"contenidos en el directorio esqueleto (que pueden ser definidos con la "
+"opción –k o en el fichero de configuración) serán copiados en el directorio "
+"home."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:121
@@ -6641,6 +8055,9 @@ msgid ""
"the user's home directory, when the home directory is created by "
"<command>sss_useradd</command>."
msgstr ""
+"El directorio esqueleto, que contiene ficheros y directorios a copiar en el "
+"directorio home del usuario, cuando el directorio home es creado por "
+"<command>sss_useradd</command>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_useradd.8.xml:143
@@ -6649,6 +8066,9 @@ msgid ""
"home</option>) option is specified, or creation of home directories is set "
"to TRUE in the configuration."
msgstr ""
+"Esta opción sólo es válida si se ha especificado la opción <option>-m</"
+"option> (o <option>--create-home</option>), o la creación de directorios "
+"home está fijada a TRUE en la configuración."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:152 sss_usermod.8.xml:124
@@ -6665,6 +8085,8 @@ msgid ""
"The SELinux user for the user's login. If not specified, the system default "
"will be used."
msgstr ""
+"El usuario SELinux para el acceso de usuario. Si no se especifica, se usará "
+"el valor por defecto del sistema."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16
@@ -6673,6 +8095,14 @@ msgstr "sssd-krb5"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:23
+#, fuzzy
+#| msgid ""
+#| "This manual page describes the configuration of the Kerberos 5 "
+#| "authentication backend for <citerefentry> <refentrytitle>sssd</"
+#| "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed "
+#| "syntax reference, please refer to the <quote>FILE FORMAT</quote> section "
+#| "of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+#| "<manvolnum>5</manvolnum> </citerefentry> manual page"
msgid ""
"This manual page describes the configuration of the Kerberos 5 "
"authentication backend for <citerefentry> <refentrytitle>sssd</"
@@ -6681,9 +8111,25 @@ msgid ""
"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page."
msgstr ""
+"Esta página de manual describe la configuración del punto final de "
+"autenticación Kerberos 5 para <citerefentry> <refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. Para una referencia "
+"detallada de sintaxis, por favor vea la sección <quote>FILE FORMAT</quote> "
+"de la página de manual <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:36
+#, fuzzy
+#| msgid ""
+#| "The Kerberos 5 authentication backend contains auth and chpass providers. "
+#| "It must be paired with identity provider in order to function properly "
+#| "(for example, id_provider = ldap). Some information required by the "
+#| "Kerberos 5 authentication backend must be provided by the identity "
+#| "provider, such as the user's Kerberos Principal Name (UPN). The "
+#| "configuration of the identity provider should have an entry to specify "
+#| "the UPN. Please refer to the man page for the applicable identity "
+#| "provider for details on how to configure this."
msgid ""
"The Kerberos 5 authentication backend contains auth and chpass providers. It "
"must be paired with an identity provider in order to function properly (for "
@@ -6694,9 +8140,26 @@ msgid ""
"page for the applicable identity provider for details on how to configure "
"this."
msgstr ""
+"El backend de autenticación Kerberos 5 contiene proveedores de autenticación "
+"y cambio de contraseña. Debe estar emparejado con un proveedor de identidad "
+"con el objetivo de trabaje apropiadamente (por ejemplo, id_provider=ldap). "
+"Alguna de la información requerida por el backend de autenticación Kerberos "
+"5 debe ser suministrada por el proveedor de identidad., como el Nombre "
+"Principal Kerberos (UOPN) del usuarios. La configuración del proveedor de "
+"identidad debería tener una entrada para especificar el UPN. Por favor vea "
+"la página de manual del proveedor de identidad aplicable para detalles sobre "
+"cómo configurar este."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:47
+#, fuzzy
+#| msgid ""
+#| "This backend also provides access control based on the .k5login file in "
+#| "the home directory of the user. See <citerefentry> <refentrytitle>."
+#| "k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more "
+#| "details. Please note that an empty .k5login file will deny all access to "
+#| "this user. To activate this feature use 'access_provider = krb5' in your "
+#| "sssd configuration."
msgid ""
"This backend also provides access control based on the .k5login file in the "
"home directory of the user. See <citerefentry> <refentrytitle>.k5login</"
@@ -6705,17 +8168,40 @@ msgid ""
"To activate this feature, use 'access_provider = krb5' in your SSSD "
"configuration."
msgstr ""
+"Este backend también suministra control de acceso en base al fichero ."
+"k5login del directorio home del usuario. Vea <citerefentry> <refentrytitle>."
+"k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> para más "
+"detalles. Por favor advierta que un fichero .k5login vacío denegará todo el "
+"acceso a este usuario. Para activar esta función use ‘access_provider = "
+"krb5’ en su configuración sssd."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:55
+#, fuzzy
+#| msgid ""
+#| "In the case where the UPN is not available in the identity backend "
+#| "<command>sssd</command> will construct a UPN using the format "
+#| "<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
msgid ""
"In the case where the UPN is not available in the identity backend, "
"<command>sssd</command> will construct a UPN using the format "
"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
msgstr ""
+"En el caso donde el UPN no está disponible en el backend de identidad "
+"<command>sssd</command> construirá un UPN usando el formato "
+"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:77
+#, fuzzy
+#| msgid ""
+#| "Specifies the comma-separated list of IP addresses or hostnames of the "
+#| "Kerberos servers to which SSSD should connect in the order of preference. "
+#| "For more information on failover and server redundancy, see the "
+#| "<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+#| "colon) may be appended to the addresses or hostnames. If empty, service "
+#| "discovery is enabled - for more information, refer to the <quote>SERVICE "
+#| "DISCOVERY</quote> section."
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect, in the order of preference. "
@@ -6725,6 +8211,13 @@ msgid ""
"discovery is enabled; for more information, refer to the <quote>SERVICE "
"DISCOVERY</quote> section."
msgstr ""
+"Especifica una lista separada por comas de direcciones IP o nombres de host "
+"de los servidores Kerberos a los cuales se conectaría SSSD en orden de "
+"preferencia. Para más información sobre failover y redundancia de servidor, "
+"vea la sección <quote>FAILOVER</quote>. Un número de puerto opcional "
+"(precedido de dos puntos) puede ser añadido a las direcciones o nombres de "
+"host. Si está vacío, el servicio descubridor está habilitado – para más "
+"información, vea la sección <quote>SERVICE DISCOVERY</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:106
@@ -6732,28 +8225,49 @@ msgid ""
"The name of the Kerberos realm. This option is required and must be "
"specified."
msgstr ""
+"El nombre del reino Kerberos. Esta opción se requiere y debe ser "
+"especificada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:113
msgid "krb5_kpasswd, krb5_backup_kpasswd (string)"
-msgstr ""
+msgstr "krb5_kpasswd, krb5_backup_kpasswd (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:116
+#, fuzzy
+#| msgid ""
+#| "If the change password service is not running on the KDC alternative "
+#| "servers can be defined here. An optional port number (preceded by a "
+#| "colon) may be appended to the addresses or hostnames."
msgid ""
"If the change password service is not running on the KDC, alternative "
"servers can be defined here. An optional port number (preceded by a colon) "
"may be appended to the addresses or hostnames."
msgstr ""
+"Si el servicio de cambio de contraseña no está corriendo en los servidores "
+"KDC alternativos puede ser definido aquí. Un número de puerto opcional "
+"(precedido de dos puntos) debe ser añadido a las direcciones o nombres de "
+"host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:122
+#, fuzzy
+#| msgid ""
+#| "For more information on failover and server redundancy, see the "
+#| "<quote>FAILOVER</quote> section. Please note that even if there are no "
+#| "more kpasswd servers to try the back end is not switch to offline if "
+#| "authentication against the KDC is still possible."
msgid ""
"For more information on failover and server redundancy, see the "
"<quote>FAILOVER</quote> section. NOTE: Even if there are no more kpasswd "
"servers to try, the backend is not switched to operate offline if "
"authentication against the KDC is still possible."
msgstr ""
+"Para más información sobre superación de fallo y redundancia de servidor, "
+"vea la sección <quote>FAILOVER</quote>. Por favor advierta que aunque no "
+"haya más servidores kpasswd para intentar el back end no conmuta a fuera de "
+"línea si la autenticación contra el KDC es todavía posible."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:129
@@ -6763,10 +8277,19 @@ msgstr "Predeterminado: Use the KDC"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:135
msgid "krb5_ccachedir (string)"
-msgstr ""
+msgstr "krb5_ccachedir (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:138
+#, fuzzy
+#| msgid ""
+#| "Directory to store credential caches. All the substitution sequences of "
+#| "krb5_ccname_template can be used here, too, except %d and %P. If the "
+#| "directory does not exist it will be created. If %u, %U, %p or %h are used "
+#| "a private directory belonging to the user is created. Otherwise a public "
+#| "directory with restricted deletion flag (aka sticky bit, see "
+#| "<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</"
+#| "manvolnum> </citerefentry> for details) is created."
msgid ""
"Directory to store credential caches. All the substitution sequences of "
"krb5_ccname_template can be used here, too, except %d and %P. If the "
@@ -6776,6 +8299,13 @@ msgid ""
"<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
"</citerefentry> for details) is created."
msgstr ""
+"Directorio para almacenar los escondrijos de credenciales. Todas las "
+"secuencias de sustitución krb5_ccname_template pueden ser usadas aquí, "
+"también, excepto %d y %P. Si el directorio no existe será creado. Si %u, %U, "
+"%p o %h son usados se crea un directorio privado perteneciente al usuario. "
+"De otro modo un directorio público con bandera de borrado restringido (bit "
+"de alias pegajoso, vea <citerefentry> <refentrytitle>chmod</refentrytitle> "
+"<manvolnum>1</manvolnum> </citerefentry> para detalles) se crea."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:152
@@ -6785,22 +8315,22 @@ msgstr "Predeterminado: /tmp"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:158
msgid "krb5_ccname_template (string)"
-msgstr ""
+msgstr "krb5_ccname_template (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:174
msgid "login UID"
-msgstr ""
+msgstr "UID de acceso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:177
msgid "%p"
-msgstr ""
+msgstr "%p"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:178
msgid "principal name"
-msgstr ""
+msgstr "nombre principal"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:182
@@ -6810,7 +8340,7 @@ msgstr "%r"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:183
msgid "realm name"
-msgstr ""
+msgstr "nombre de reino"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:186
@@ -6820,7 +8350,7 @@ msgstr "%h"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:187
msgid "home directory"
-msgstr ""
+msgstr "directorio home"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:192
@@ -6841,6 +8371,15 @@ msgstr "el ID de proceso del cliente sssd"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:161
+#, fuzzy
+#| msgid ""
+#| "Location of the user's credential cache. Two credential cache types are "
+#| "currently supported - <quote>FILE</quote> and <quote>DIR</quote>. The "
+#| "cache can either be specified as <replaceable>TYPE:RESIDUAL</"
+#| "replaceable>, or an absolute path, which implies the <quote>FILE</quote> "
+#| "type. In the template the following sequences are substituted: "
+#| "<placeholder type=\"variablelist\" id=\"0\"/> If the template ends with "
+#| "'XXXXXX' mkstemp(3) is used to create a unique filename in a safe way."
msgid ""
"Location of the user's credential cache. Two credential cache types are "
"currently supported: <quote>FILE</quote> and <quote>DIR</quote>. The cache "
@@ -6850,6 +8389,14 @@ msgid ""
"\"variablelist\" id=\"0\"/> If the template ends with 'XXXXXX' mkstemp(3) is "
"used to create a unique filename in a safe way."
msgstr ""
+"Localización del escondrijo de credencial del usuario. Actualmente se "
+"soportan dos tipos de escondrijo de credencial <quote>FILE</quote> y "
+"<quote>DIR</quote>. El escondrijo puede ser especificado como "
+"<replaceable>TYPE:RESIDUAL</replaceable>, o una ruta absoluta, que implica "
+"el tipo de <quote>FILE</quote>. En la plantilla son sustituidas las "
+"siguientes secuencias: <placeholder type=\"variablelist\" id=\"0\"/> Si la "
+"plantilla finaliza con 'XXXXXX' mkstemp(3) se usa para crear un único nombre "
+"de archivo de manera segura."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:212
@@ -6863,11 +8410,19 @@ msgstr "krb5_auth_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:221
+#, fuzzy
+#| msgid ""
+#| "Timeout in seconds after an online authentication or change password "
+#| "request is aborted. If possible the authentication request is continued "
+#| "offline."
msgid ""
"Timeout in seconds after an online authentication request or change password "
"request is aborted. If possible, the authentication request is continued "
"offline."
msgstr ""
+"Tiempo de salida en segundos después de que una petición de autenticación en "
+"línea o cambio de contraseña es abortada. Si es posible la petición de "
+"autenticación se continúa fuera de línea."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:235
@@ -6891,6 +8446,8 @@ msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
+"La localización de la keytab a usar cuando son obtenidas credenciales "
+"validadas desde KDCs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:257
@@ -6904,18 +8461,34 @@ msgstr "krb5_store_password_if_offline (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:266
+#, fuzzy
+#| msgid ""
+#| "Store the password of the user if the provider is offline and use it to "
+#| "request a TGT when the provider gets online again."
msgid ""
"Store the password of the user if the provider is offline and use it to "
"request a TGT when the provider comes online again."
msgstr ""
+"Almacena la contraseña del usuario si el proveedor está fuera de línea y la "
+"usa para petición a TGT cuando el proveedor vuelve a estar en línea otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:271
+#, fuzzy
+#| msgid ""
+#| "Please note that this feature currently only available on a Linux "
+#| "platform. Passwords stored in this way are kept in plaintext in the "
+#| "kernel keyring and are potentially accessible by the root user (with "
+#| "difficulty)."
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
"by the root user (with difficulty)."
msgstr ""
+"Por favor advierta que está función está actualmente sólo disponible sobre "
+"plataforma Linux. las contraseñas almacenadas de esta manera se mantiene en "
+"texto plano en el llavero del kernel y son potencialmente accesibles por el "
+"usuario root (con dificultades)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:284
@@ -6924,10 +8497,16 @@ msgstr "krb5_renewable_lifetime (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:287
+#, fuzzy
+#| msgid ""
+#| "Request a renewable ticket with a total lifetime given by an integer "
+#| "immediately followed by one of the following delimiters:"
msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
+"Pide una entrada renovable con un tiempo de vida total dado por un entero "
+"seguido inmediatamente por uno de los siguientes delimitadores:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:326
@@ -6959,20 +8538,29 @@ msgstr "<emphasis>d</emphasis> días."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:304
+#, fuzzy
+#| msgid "If there is no delimiter <emphasis>s</emphasis> is assumed."
msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
-msgstr ""
+msgstr "Si no hay delimitador se asume <emphasis>s</emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:308
+#, fuzzy
+#| msgid ""
+#| "Please note that it is not possible to mix units. If you want to set the "
+#| "renewable lifetime to one and a half hours please use '90m' instead of "
+#| "'1h30m'."
msgid ""
"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
"and a half hours, use '90m' instead of '1h30m'."
msgstr ""
+"Por favor advierta que no es posible mezcla unidades. Si usted desea fijar "
+"el tiempo de vida renovable a una hora y media use ‘90m’ en lugar de ‘1h30m’."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:313
msgid "Default: not set, i.e. the TGT is not renewable"
-msgstr ""
+msgstr "Por defecto: no fijado, esto es el TGT no es renovable"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:319
@@ -6981,28 +8569,44 @@ msgstr "krb5_lifetime (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:322
+#, fuzzy
+#| msgid ""
+#| "Request ticket with a with a lifetime given by an integer immediately "
+#| "followed by one of the following delimiters:"
msgid ""
"Request ticket with a with a lifetime, given as an integer immediately "
"followed by a time unit:"
msgstr ""
+"Petición de entrada con un tiempo de vida dado por un entero seguido "
+"inmediatamente por una de los siguientes delimitadores:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:338
+#, fuzzy
+#| msgid "If there is no delimiter <emphasis>s</emphasis> is assumed."
msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
-msgstr ""
+msgstr "Si no hay delimitador se asume <emphasis>s</emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:342
+#, fuzzy
+#| msgid ""
+#| "Please note that it is not possible to mix units. If you want to set the "
+#| "lifetime to one and a half hours please use '90m' instead of '1h30m'."
msgid ""
"NOTE: It is not possible to mix units. To set the lifetime to one and a "
"half hours please use '90m' instead of '1h30m'."
msgstr ""
+"Por favor advierta que no es posible mezcla unidades. Si usted desea fijar "
+"el tiempo de vida renovable a una hora y media use ‘90m’ en lugar de ‘1h30m’."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:347
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
+"Por defecto: no fijado, esto es el tiempo de vida de la entrada por defecto "
+"configurado en el KDC."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
@@ -7015,11 +8619,17 @@ msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded."
msgstr ""
+"El tiempo en segundos entre dos comprobaciones si el TGT debiera ser "
+"renovado. TGTs son renovados si alrededor de la mitad de su tiempo de vida "
+"se ha excedido."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:362
+#, fuzzy
+#| msgid "If this option is not set or 0 the automatic renewal is disabled."
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
+"Si no se fija esta opción o está a 0 se deshabilita la renovación automática."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:372
@@ -7032,45 +8642,75 @@ msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
msgstr ""
+"Habilita la autenticación segura flexible de los túneles (FSAT) para la pre-"
+"autenticación Kerberos. Se soportan las siguientes opciones:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:380
+#, fuzzy
+#| msgid ""
+#| "<emphasis>never</emphasis> use FAST, this is equivalent to not set this "
+#| "option at all."
msgid ""
"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
"option at all."
msgstr ""
+"<emphasis>never</emphasis> utiliza FAST, esto es equivalente a no fijar esta "
+"opción de ningún modo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:384
+#, fuzzy
+#| msgid ""
+#| "<emphasis>try</emphasis> to use FAST, if the server does not support fast "
+#| "continue without."
msgid ""
"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
"continue the authentication without it."
msgstr ""
+"<emphasis>try</emphasis> para usar FAST, si el servidor no requiere fast "
+"continúan si él."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:389
+#, fuzzy
+#| msgid ""
+#| "<emphasis>demand</emphasis> to use FAST, fail if the server does not "
+#| "require fast."
msgid ""
"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
"server does not require fast."
msgstr ""
+"<emphasis>demand</emphasis> para usar FAST, falla si el servidor no requiere "
+"fast."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:394
msgid "Default: not set, i.e. FAST is not used."
-msgstr ""
+msgstr "Por defecto: no fijado, esto es no se usa FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:397
+#, fuzzy
+#| msgid "Please note that a keytab is required to use fast."
msgid "NOTE: a keytab is required to use FAST."
-msgstr ""
+msgstr "Por favor advierta que se requiere una keytab para usar fast."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:400
+#, fuzzy
+#| msgid ""
+#| "Please note also that sssd supports fast only with MIT Kerberos version "
+#| "1.8 and above. If sssd used with an older version using this option is a "
+#| "configuration error."
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
"configuration error."
msgstr ""
+"Por favor advierta que sssd soporta fast sólo con MIT Kerberos versión 1.8 y "
+"superior. Si sssd se usa con una versión más antigua el uso de esta opción "
+"es un error de configuración."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:409
@@ -7080,17 +8720,30 @@ msgstr "krb5_fast_principal (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:412
msgid "Specifies the server principal to use for FAST."
-msgstr ""
+msgstr "Especifica el servidor principal para usar por FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:421
+#, fuzzy
+#| msgid ""
+#| "Specifies if the host and user principal should be canonicalized. This "
+#| "feature is available with MIT Kerberos >= 1.7"
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
+"Especifica si el host y el usuario principal serían estandarizados. Esta "
+"función está disponible con MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
+#, fuzzy
+#| msgid ""
+#| "If the auth-module krb5 is used in a SSSD domain, the following options "
+#| "must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
+#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, "
+#| "section <quote>DOMAIN SECTIONS</quote> for details on the configuration "
+#| "of a SSSD domain. <placeholder type=\"variablelist\" id=\"0\"/>"
msgid ""
"If the auth-module krb5 is used in an SSSD domain, the following options "
"must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
@@ -7098,15 +8751,31 @@ msgid ""
"<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD "
"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
+"Si se usa el módulo de autenticación krb5 en un dominio SSSD, se deben usar "
+"las siguientes opciones. Vea la página de manual <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>, sección <quote>DOMAIN SECTIONS</quote> para detalles sobre la "
+"configuración de un dominio SSSD. <placeholder type=\"variablelist\" id="
+"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:443
+#, fuzzy
+#| msgid ""
+#| "The following example assumes that SSSD is correctly configured and FOO "
+#| "is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+#| "This example shows only configuration of Kerberos authentication, it does "
+#| "not include any identity provider."
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
"example shows only configuration of Kerberos authentication; it does not "
"include any identity provider."
msgstr ""
+"El siguiente ejemplo asume que SSSD está correctamente configurado y FOO es "
+"uno de los dominios en la sección <replaceable>[sssd]</replaceable>. Este "
+"ejemplo muestra sólo la configuración de la autenticación Kerberos y no "
+"incluye ningún otro proveedor de identidad."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-krb5.5.xml:451
@@ -7150,6 +8819,9 @@ msgid ""
"compatible with POSIX groups, with the additional feature that they can "
"contain other groups as members."
msgstr ""
+"<command>sss_groupadd</command> cre un nuevo grupo. Estos grupos son "
+"compatibles con grupos POXIS, con la característica adicional que pueden "
+"contener otros grupos como miembros."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_groupadd.8.xml:43 sss_seed.8.xml:88
@@ -7164,6 +8836,8 @@ msgid ""
"Set the GID of the group to the value of <replaceable>GID</replaceable>. If "
"not given, it is chosen automatically."
msgstr ""
+"Fija el GID del grupo al valor de <replaceable>GID</replaceable>. Si no se "
+"da, se elige automáticamente."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
@@ -7192,6 +8866,8 @@ msgid ""
"<command>sss_userdel</command> deletes a user identified by login name "
"<replaceable>LOGIN</replaceable> from the system."
msgstr ""
+"<command>sss_userdel</command> borra del sistema un usuario identificado por "
+"su nombre de acceso <replaceable>LOGIN</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_userdel.8.xml:44
@@ -7204,6 +8880,9 @@ msgid ""
"Files in the user's home directory will be removed along with the home "
"directory itself and the user's mail spool. Overrides the configuration."
msgstr ""
+"Los ficheros en el directorio home del usuario serán borrados así como el "
+"directorio home mismo y el buzón de correo del usuario. Reescribe la "
+"configuración."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_userdel.8.xml:56
@@ -7216,6 +8895,9 @@ msgid ""
"Files in the user's home directory will NOT be removed along with the home "
"directory itself and the user's mail spool. Overrides the configuration."
msgstr ""
+"Los ficheros en el directorio home del usuario NO serán borrados así como el "
+"directorio home mismo y el buzón de correo del usuario. Reescribe la "
+"configuración."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_userdel.8.xml:68
@@ -7228,6 +8910,9 @@ msgid ""
"This option forces <command>sss_userdel</command> to remove the user's home "
"directory and mail spool, even if they are not owned by the specified user."
msgstr ""
+"Esta opción fuerza a <command>sss_userdel</command> a borrar el directorio "
+"home del usuario y el buzón de correo, aunque no sea propiedad del usuario "
+"especificado."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_userdel.8.xml:80
@@ -7266,6 +8951,8 @@ msgid ""
"<command>sss_groupdel</command> deletes a group identified by its name "
"<replaceable>GROUP</replaceable> from the system."
msgstr ""
+"<command>sss_groupdel</command> borra del sistema un grupo identificado por "
+"su nombre <replaceable>GROUP</replaceable>."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
@@ -7275,7 +8962,7 @@ msgstr "sss_groupshow"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_groupshow.8.xml:16
msgid "print properties of a group"
-msgstr ""
+msgstr "imprime las propiedades de un grupo"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_groupshow.8.xml:21
@@ -7295,6 +8982,9 @@ msgid ""
"identified by its name <replaceable>GROUP</replaceable>. The information "
"includes the group ID number, members of the group and the parent group."
msgstr ""
+"<command>sss_groupshow</command> muestra información sobre un grupo "
+"identificado por su nombre <replaceable>GROUP</replaceable>. La información "
+"incluye el número de ID del grupo, miembros del grupo y padres del grupo."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_groupshow.8.xml:43
@@ -7308,6 +8998,9 @@ msgid ""
"also affects printing parent groups - without <option>R</option>, only the "
"direct parent will be printed."
msgstr ""
+"También imprime miembros indirectos del grupo en una jerarquía de árbol. "
+"Advierta que esto también afecta a la impresión de los grupos padres – sin "
+"<option>R</option>,, sólo se imprimirá los padres directos."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
@@ -7337,6 +9030,9 @@ msgid ""
"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
"on the command line."
msgstr ""
+"<command>sss_usermod</command> modifica la cuenta especificada por "
+"<replaceable>LOGIN</replaceable> para reflejar los cambios que se han "
+"especificado en la línea de comando."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:60
@@ -7355,6 +9051,9 @@ msgid ""
"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
"a comma separated list of group names."
msgstr ""
+"Añade este usuario a los grupos especificados por el parámetro "
+"<replaceable>GROUPS</replaceable>. El parámetro <replaceable>GROUPS</"
+"replaceable> es una lista separada por comas de nombres de grupo."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:96
@@ -7362,6 +9061,8 @@ msgid ""
"Remove this user from groups specified by the <replaceable>GROUPS</"
"replaceable> parameter."
msgstr ""
+"Borrar este usuario de los grupos especificados por el parámetro "
+"<replaceable>GROUPS</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_usermod.8.xml:103
@@ -7371,7 +9072,7 @@ msgstr "<option>-l</option>,<option>--lock</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:107
msgid "Lock the user account. The user won't be able to log in."
-msgstr ""
+msgstr "Bloquea la cuenta de usuario. El usuario no será capaz de acceder."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_usermod.8.xml:114
@@ -7381,22 +9082,22 @@ msgstr "<option>-u</option>,<option>--unlock</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:118
msgid "Unlock the user account."
-msgstr ""
+msgstr "Desbloquea la cuenta de usuario."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:129
msgid "The SELinux user for the user's login."
-msgstr ""
+msgstr "El usuario SELinux para el acceso del usuario."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_cache.8.xml:10 sss_cache.8.xml:15
msgid "sss_cache"
-msgstr ""
+msgstr "sss_cache"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_cache.8.xml:16
msgid "perform cache cleanup"
-msgstr ""
+msgstr "lleva a cabo la limpieza del escondrijo"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_cache.8.xml:21
@@ -7404,6 +9105,8 @@ msgid ""
"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg>"
msgstr ""
+"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_cache.8.xml:31
@@ -7412,22 +9115,26 @@ msgid ""
"records are forced to be reloaded from server as soon as related SSSD "
"backend is online."
msgstr ""
+"<command>sss_cache</command> invalida resgistros en el escondrijo SSSD. Los "
+"registros invalidados son forzados a recargarse desde el servidor tan pronto "
+"como el punto final SSSD relacionado está en línea."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:42
msgid ""
"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
msgstr ""
+"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:47
msgid "Invalidate specific user."
-msgstr ""
+msgstr "Invalida el usuario específico."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:53
msgid "<option>-U</option>,<option>--users</option>"
-msgstr ""
+msgstr "<option>-U</option>,<option>--users</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:57
@@ -7435,22 +9142,25 @@ msgid ""
"Invalidate all user records. This option overrides invalidation of specific "
"user if it was also set."
msgstr ""
+"Invalida todos los registros de usuario. Esta opción anula la invalidación "
+"de usuario específico si también está fijada."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:64
msgid ""
"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
msgstr ""
+"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:69
msgid "Invalidate specific group."
-msgstr ""
+msgstr "Invalida grupo específico."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:75
msgid "<option>-G</option>,<option>--groups</option>"
-msgstr ""
+msgstr "<option>-G</option>,<option>--groups</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:79
@@ -7458,6 +9168,8 @@ msgid ""
"Invalidate all group records. This option overrides invalidation of specific "
"group if it was also set."
msgstr ""
+"Invalida todos los registros de grupo. Esta opción anula la invalidación de "
+"grupo específico si también está fijada."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:86
@@ -7465,16 +9177,18 @@ msgid ""
"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
"replaceable>"
msgstr ""
+"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:91
msgid "Invalidate specific netgroup."
-msgstr ""
+msgstr "Invalida grupo de red específico."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:97
msgid "<option>-N</option>,<option>--netgroups</option>"
-msgstr ""
+msgstr "<option>-N</option>,<option>--netgroups</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:101
@@ -7482,6 +9196,8 @@ msgid ""
"Invalidate all netgroup records. This option overrides invalidation of "
"specific netgroup if it was also set."
msgstr ""
+"Invalida todos los registros de grupo de red. Esta opción anula la "
+"invalidación de grupo de red específico si también está fijada."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:108
@@ -7489,16 +9205,18 @@ msgid ""
"<option>-s</option>,<option>--service</option> <replaceable>service</"
"replaceable>"
msgstr ""
+"<option>-s</option>,<option>--service</option> <replaceable>service</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:113
msgid "Invalidate specific service."
-msgstr ""
+msgstr "Invalida servicio específico"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:119
msgid "<option>-S</option>,<option>--services</option>"
-msgstr ""
+msgstr "<option>-S</option>,<option>--services</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:123
@@ -7506,6 +9224,8 @@ msgid ""
"Invalidate all service records. This option overrides invalidation of "
"specific service if it was also set."
msgstr ""
+"Invalida todos los archivos de servicio. Esta opción anula la invalidación "
+"de servicio específico si también fue fijada."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:130
@@ -7513,16 +9233,18 @@ msgid ""
"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
"replaceable>"
msgstr ""
+"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:135
msgid "Invalidate specific autofs maps."
-msgstr ""
+msgstr "Invalida mapas específicos autofs."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:141
msgid "<option>-A</option>,<option>--autofs-maps</option>"
-msgstr ""
+msgstr "<option>-A</option>,<option>--autofs-maps</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:145
@@ -7530,6 +9252,8 @@ msgid ""
"Invalidate all autofs maps. This option overrides invalidation of specific "
"map if it was also set."
msgstr ""
+"Invalida todos los mapas autofs. Esta opción anula la invalidación de mapa "
+"específico si fue fijada."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:152
@@ -7537,21 +9261,23 @@ msgid ""
"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
"replaceable>"
msgstr ""
+"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:157
msgid "Restrict invalidation process only to a particular domain."
-msgstr ""
+msgstr "Restringe el proceso de invalidación sólo a un dominio concreto."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15
msgid "sss_debuglevel"
-msgstr ""
+msgstr "sss_debuglevel"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_debuglevel.8.xml:16
msgid "change debug level while SSSD is running"
-msgstr ""
+msgstr "cambia el nivel de depuración mientras SSSD está corriendo"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_debuglevel.8.xml:21
@@ -7560,6 +9286,9 @@ msgid ""
"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
"replaceable></arg>"
msgstr ""
+"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
+"replaceable></arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_debuglevel.8.xml:32
@@ -7568,21 +9297,24 @@ msgid ""
"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is "
"running."
msgstr ""
+"<command>sss_debuglevel</command> cambia el nivel de depuración del monitor "
+"y proveedores SSSD a <replaceable>NEW_DEBUG_LEVEL</replaceable> mientras "
+"SSSD está corriendo."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_debuglevel.8.xml:59
msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
-msgstr ""
+msgstr "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_seed.8.xml:10 sss_seed.8.xml:15
msgid "sss_seed"
-msgstr ""
+msgstr "sss_seed"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_seed.8.xml:16
msgid "seed the SSSD cache with a user"
-msgstr ""
+msgstr "alimenta el cache SSSD con un usuario"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_seed.8.xml:21
@@ -7592,6 +9324,10 @@ msgid ""
"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
"arg>"
msgstr ""
+"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
+"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
+"arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_seed.8.xml:33
@@ -7600,6 +9336,9 @@ msgid ""
"temporary password. If a user entry is already present in the SSSD cache "
"then the entry is updated with the temporary password."
msgstr ""
+"<command>sss_seed</command> alimenta el cache SSSD con una entrada de "
+"usuario y una contresañe temporal. Si una entrada de usuario está ya "
+"presente en el cache SSSD la entrada se actualiza con la contraseña temporal"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:46
@@ -7607,6 +9346,8 @@ msgid ""
"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
"replaceable>"
msgstr ""
+"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:51
@@ -7617,6 +9358,11 @@ msgid ""
"Information retrieved from the domain overrides what is provided in the "
"options."
msgstr ""
+"Suministra el nombre del dominio del que el usuario es miembro. El dominio "
+"también se usa para recuperar información del usuario. El dominio debe estar "
+"configurado en sssd.conf. La opción <replaceable>DOMAIN</replaceable> debe "
+"ser suministrada. La información recuperada del dominio anula la que se ha "
+"suministrado en las opciones."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:63
@@ -7624,6 +9370,8 @@ msgid ""
"<option>-n</option>,<option>--username</option> <replaceable>USER</"
"replaceable>"
msgstr ""
+"<option>-n</option>,<option>--username</option> <replaceable>USER</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:68
@@ -7631,27 +9379,31 @@ msgid ""
"The username of the entry to be created or modified in the cache. The "
"<replaceable>USER</replaceable> option must be provided."
msgstr ""
+"El nombre de usuario de la entrada a ser creado o modificado en el cache. Se "
+"debe suministrar la opción <replaceable>USER</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:81
msgid "Set the UID of the user to <replaceable>UID</replaceable>."
-msgstr ""
+msgstr "Fija la UID del usuario a <replaceable>UID</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:93
msgid "Set the GID of the user to <replaceable>GID</replaceable>."
-msgstr ""
+msgstr "Fija la GID del usuario a <replaceable>GID</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:117
msgid ""
"Set the home directory of the user to <replaceable>HOME_DIR</replaceable>."
msgstr ""
+"Fija el directorio home del usuario a <replaceable>HOME_DIR</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:129
msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>."
msgstr ""
+"Fija la shell de acceso del usuario a <replaceable>SHELL</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:140
@@ -7659,6 +9411,9 @@ msgid ""
"Interactive mode for entering user information. This option will only prompt "
"for information not provided in the options or retrieved from the domain."
msgstr ""
+"Modo interactivo de introducir información del usuario. Esta opción sólo "
+"preguntará por la información no suministrada en las opciones o recuperada "
+"del dominio."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:148
@@ -7666,6 +9421,8 @@ msgid ""
"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
"replaceable>"
msgstr ""
+"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:153
@@ -7673,6 +9430,8 @@ msgid ""
"Specify file to read user's password from. (if not specified password is "
"prompted for)"
msgstr ""
+"Especifica el fichero desde donde leer la contraseña del usuario (si no se "
+"especifica se pregunta por la contraseña)"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_seed.8.xml:165
@@ -7681,21 +9440,24 @@ msgid ""
"password-file option) must be less than or equal to PASS_MAX bytes (64 bytes "
"on systems with no globally-defined PASS_MAX value)."
msgstr ""
+"La longitud de la contraseña (o el tamaño especificado con la opción -p or --"
+"password-file) debe ser menos o igual a PASS_MAX bytes ( 64 bytes en "
+"sistemas sin valor PASS_MAX globalmente definido)."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
msgid "sss_ssh_authorizedkeys"
-msgstr ""
+msgstr "sss_ssh_authorizedkeys"
#. type: Content of: <reference><refentry><refmeta><manvolnum>
#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11
msgid "1"
-msgstr ""
+msgstr "1"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_ssh_authorizedkeys.1.xml:16
msgid "get OpenSSH authorized keys"
-msgstr ""
+msgstr "obtiene las claves OpenSSH autorizadas"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_ssh_authorizedkeys.1.xml:21
@@ -7704,6 +9466,9 @@ msgid ""
"<replaceable>options</replaceable> </arg> <arg "
"choice='plain'><replaceable>USER</replaceable></arg>"
msgstr ""
+"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>USER</replaceable></arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:32
@@ -7714,6 +9479,11 @@ msgid ""
"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
"citerefentry> for more information)."
msgstr ""
+"<command>sss_ssh_authorizedkeys</command> adquiere la clave pública SSH para "
+"el usuario <replaceable>USER</replaceable> y las saca en formato de claves "
+"autorizadas OpenSSH (vea la sección <quote>AUTHORIZED_KEYS FILE FORMAT</"
+"quote> de <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
+"manvolnum></citerefentry> para más información)."
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:41
@@ -7725,12 +9495,19 @@ msgid ""
"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
"<manvolnum>5</manvolnum></citerefentry> options."
msgstr ""
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> puede ser configurado para usar "
+"<command>sss_ssh_authorizedkeys</command> para autenticación de la clave "
+"pública del usuario si está compilado para soporte de "
+"<quote>AuthorizedKeysCommand</quote> o de <quote>PubkeyAgent</quote> "
+"<citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> options."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_authorizedkeys.1.xml:58
#, no-wrap
msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
-msgstr ""
+msgstr "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:51
@@ -7741,12 +9518,18 @@ msgid ""
"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Si se soporta <quote>AuthorizedKeysCommand</quote>, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> puede ser configurado para usarlo poniendo la siguiente "
+"directiva en <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry>: <placeholder type=\"programlisting"
+"\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_authorizedkeys.1.xml:69
#, no-wrap
msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
-msgstr ""
+msgstr "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:62
@@ -7758,22 +9541,29 @@ msgid ""
"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting"
"\" id=\"0\"/>"
msgstr ""
+"Si se soporta <quote>PubkeyAgent</quote>, <citerefentry><refentrytitle>sshd</"
+"refentrytitle> <manvolnum>8</manvolnum></citerefentry> puede ser configurado "
+"para usarlo utilizando la siguiente directiva para <citerefentry> "
+"<refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></citerefentry> "
+"configuration: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_authorizedkeys.1.xml:84
msgid ""
"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
msgstr ""
+"Busca las claves públicas del usuario en el dominio SSSD "
+"<replaceable>DOMAIN</replaceable>."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
msgid "sss_ssh_knownhostsproxy"
-msgstr ""
+msgstr "sss_ssh_knownhostsproxy"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_ssh_knownhostsproxy.1.xml:16
msgid "get OpenSSH host keys"
-msgstr ""
+msgstr "obtiene las claves OpenSSH del host"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_ssh_knownhostsproxy.1.xml:21
@@ -7783,6 +9573,10 @@ msgid ""
"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
msgstr ""
+"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
+"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:33
@@ -7794,6 +9588,13 @@ msgid ""
"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/"
"pubconf/known_hosts</filename> and estabilishes connection to the host."
msgstr ""
+"<command>sss_ssh_knownhostsproxy</command> adquiere las claves públicas SSH "
+"del host para el host <replaceable>HOST</replaceable>, las almacena en un "
+"fichero personal OpenSSH conocido por el host (vea la sección "
+"<quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> de "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> para más información) <filename>/var/lib/sss/pubconf/"
+"known_hosts</filename> y establece la conexión al host."
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:43
@@ -7801,6 +9602,8 @@ msgid ""
"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to "
"create the connection to the host instead of opening a socket."
msgstr ""
+"Si se especifica <replaceable>PROXY_COMMAND</replaceable>, se usa para crear "
+"la conexión al host en lugar de abrir un socket."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_knownhostsproxy.1.xml:55
@@ -7809,6 +9612,8 @@ msgid ""
"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
msgstr ""
+"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
+"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:48
@@ -7819,12 +9624,19 @@ msgid ""
"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry> puede ser configurado para usar "
+"<command>sss_ssh_knownhostsproxy</command> para autenticación de la clave "
+"del host usando las siguientes directivas <citerefentry><refentrytitle>ssh</"
+"refentrytitle> <manvolnum>1</manvolnum></citerefentry> configuration: "
+"<placeholder type=\"programlisting\" id=\"0\"/> "
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_ssh_knownhostsproxy.1.xml:66
msgid ""
"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
msgstr ""
+"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_knownhostsproxy.1.xml:71
@@ -7832,12 +9644,16 @@ msgid ""
"Use port <replaceable>PORT</replaceable> to connect to the host. By "
"default, port 22 is used."
msgstr ""
+"Usa el puerto <replaceable>PORT</replaceable> para conectar al host. Por "
+"defecto, el puerto usado es el 22."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_knownhostsproxy.1.xml:83
msgid ""
"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
msgstr ""
+"Busca las claves públicas del host en el dominio SSSD <replaceable>DOMAIN</"
+"replaceable>."
#. type: Content of: <refsect1><title>
#: include/service_discovery.xml:2
@@ -7851,6 +9667,10 @@ msgid ""
"appropriate servers to connect to using a special DNS query. This feature is "
"not supported for backup servers."
msgstr ""
+"La función servicio descubridor permite a los puntos finales encontrar "
+"automáticamente los servidores apropiados a conectar para usar una pregunta "
+"especial al DNS. Esta función no está soportada por los servidores de "
+"respaldo."
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:57
@@ -7868,6 +9688,14 @@ msgid ""
"prefers to use service discovery whenever possible, and fall back to a "
"specific server when no servers can be discovered using DNS."
msgstr ""
+"Si no se especifican servidores, el punto final usar automáticamente el "
+"servicio descubridor para intentar encontrar un servidor. Opcionalmente, el "
+"usuario puede elegir utilizar tanto las direcciones de servidor fijadas como "
+"el servicio descubridor para insertar una palabra clave especial, "
+"<quote>_srv_</quote>, en la lista de servidores. El orden de preferencia se "
+"mantiene. Esta función es útil sí, por ejemplo, el usuario prefiere usar el "
+"servicio descubridor siempre que sea posible, el volver a un servidor "
+"específico cuando no se pueden descubrir servidores usando DNS."
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:23
@@ -7881,6 +9709,9 @@ msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for more details."
msgstr ""
+"Por favor vea el parámetro <quote>dns_discovery_domain</quote> en la página "
+"de manual <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> para más detalles."
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:35
@@ -7893,17 +9724,21 @@ msgid ""
"The queries usually specify _tcp as the protocol. Exceptions are documented "
"in respective option description."
msgstr ""
+"Las consultas normalmente especifican _tcp como protocolo. Las excepciones "
+"se documentan en la descripción de la opción respectiva."
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:42
msgid "See Also"
-msgstr ""
+msgstr "Vea también"
#. type: Content of: <refsect1><refsect2><para>
#: include/service_discovery.xml:44
msgid ""
"For more information on the service discovery mechanism, refer to RFC 2782."
msgstr ""
+"Para más información sobre el mecanismo del servicio descubridor, vea el RFC "
+"2782."
#. type: Content of: outside any tag (error?)
#: include/upstream.xml:1
@@ -7913,7 +9748,7 @@ msgstr "<placeholder type=\"refentryinfo\" id=\"0\"/>"
#. type: Content of: <refsect1><title>
#: include/failover.xml:2
msgid "FAILOVER"
-msgstr ""
+msgstr "CONMUTACIÓN POR ERROR"
#. type: Content of: <refsect1><para>
#: include/failover.xml:4
@@ -7921,11 +9756,13 @@ msgid ""
"The failover feature allows back ends to automatically switch to a different "
"server if the current server fails."
msgstr ""
+"La función conmutación en error permite a los finales conmutar "
+"automáticamente a un servidor diferente si el servidor actual falla."
#. type: Content of: <refsect1><refsect2><title>
#: include/failover.xml:8
msgid "Failover Syntax"
-msgstr ""
+msgstr "Sintaxis de conmutación por error"
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:10
@@ -7934,23 +9771,54 @@ msgid ""
"is allowed around the comma. The servers are listed in order of preference. "
"The list can contain any number of servers."
msgstr ""
+"La lista de servidores se da como una lista separada por comas; se permite "
+"cualquier número de espacios a los lados de la coma. Los servidores son "
+"listados en orden de preferencia. La lista puede contener cualquier número "
+"de servidores."
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:16
+#, fuzzy
+#| msgid ""
+#| "For each failover-enabled config option, two variants exist: "
+#| "<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea "
+#| "is that servers in the primary list are preferred and backup servers are "
+#| "only searched if no primary servers can be reached. If a backup server is "
+#| "selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+#| "periodically try to reconnect to one of the primary servers. If it "
+#| "succeeds, it will replace the current active (backup) server."
msgid ""
"For each failover-enabled config option, two variants exist: "
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
+"Por cada opción de conmutación en error habilitada, existen dos variantes: "
+"<emphasis>primary</emphasis> y <emphasis>backup</emphasis>. La idea es que "
+"los servidores en la lista principal son preferidos y los servidores de "
+"respaldo sólo serán buscados si no se pueden alcanzar servidores "
+"principales. Si se ha seleccionado servidor de respaldo, se fija un tiempo "
+"de espera de 30 segundo. Después de este tiempo de espera SSSD intentará "
+"periódicamente volver a conectar a uno de los servidores principales. Si "
+"esto sucede, reemplazará el servidor activo actual (de respaldo)."
#. type: Content of: <refsect1><refsect2><title>
#: include/failover.xml:27
msgid "The Failover Mechanism"
msgstr ""
+"El mecanismo de conmutación por errorEl mecanismo de failover distingue "
+"entre una máquina y un servicio. El punto final intenta primero resolver el "
+"nombre de host de una máquina dada; si el intento de resolución falla, la "
+"máquina es considerada fuera de línea. No se harán más intentos de conexión "
+"con esta máquina para ningún otro servicio. Si el intento de resolución "
+"tiene éxito, el punto final intenta conectar a un servicio en esa máquina. "
+"Si el intento de conexión al servicio falla, entonces sólo se considera "
+"fuera de línea este servicio concreto y el punto final conmutará "
+"automáticamente sobre el siguientes servicio. La máquina se considera que "
+"sigue en línea y se puede intentar el acceso a otros servicios."
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:29
@@ -7965,6 +9833,16 @@ msgid ""
"switches over to the next service. The machine is still considered online "
"and might still be tried for another service."
msgstr ""
+"El mecanismo de conmutación por error distingue entre una máquina y un "
+"servicio. El punto final intenta primero resolver el nombre de host de una "
+"máquina dada; si el intento de resolución falla, la máquina es considerada "
+"fuera de línea. No se harán más intentos de conexión con esta máquina para "
+"ningún otro servicio. Si el intento de resolución tiene éxito, el punto "
+"final intenta conectar a un servicio en esa máquina. Si el intento de "
+"conexión al servicio falla, entonces sólo se considera fuera de línea este "
+"servicio concreto y el punto final conmutará automáticamente sobre el "
+"siguientes servicio. La máquina se considera que sigue en línea y se puede "
+"intentar el acceso a otros servicios."
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:42
@@ -7973,6 +9851,9 @@ msgid ""
"offline after a specified period of time; this is currently hard coded to 30 "
"seconds."
msgstr ""
+"Los intentos de conexión adicionales son hechos a máquinas o servicios "
+"marcaros como fuera de línea después de un período de tiempo especificado; "
+"esto está codificado a fuego actualmente en 30 segundos."
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:47
@@ -7980,11 +9861,13 @@ msgid ""
"If there are no more machines to try, the back end as a whole switches to "
"offline mode, and then attempts to reconnect every 30 seconds."
msgstr ""
+"Si no hay más máquinas para intentarlo, el punto final al completo conmutará "
+"al modo fuera de línea y después intentará reconectar cada 30 segundo."
#. type: Content of: <refsect1><title>
#: include/ldap_id_mapping.xml:2
msgid "ID MAPPING"
-msgstr ""
+msgstr "ASIGNACIÓN DE ID"
#. type: Content of: <refsect1><para>
#: include/ldap_id_mapping.xml:4
@@ -7993,6 +9876,10 @@ msgid ""
"without requiring administrators to extend user attributes to support POSIX "
"attributes for user and group identifiers."
msgstr ""
+"La función asignación de ID permite a SSSD actuar como un cliente de Active "
+"Directory sin requerir de administradores para extender los atributos de "
+"usuario para soportar atributos POSIX para los identificadores de usuario y "
+"grupo."
#. type: Content of: <refsect1><para>
#: include/ldap_id_mapping.xml:9
@@ -8002,11 +9889,16 @@ msgid ""
"assigned and manually-assigned values. If you need to use manually-assigned "
"values, ALL values must be manually-assigned."
msgstr ""
+"NOTA: Cuando asignación de ID está habilitado, los atributos uidNumber y "
+"gidNumber son ignorados. Esto es para evitar la posibilidad de conflictos "
+"entre los valores automáticamente asignados y los asignados manualmente. Si "
+"usted necesita usar los valore asignados manualmente, TODOS los valores "
+"deben ser asignados manualmente."
#. type: Content of: <refsect1><refsect2><title>
#: include/ldap_id_mapping.xml:17
msgid "Mapping Algorithm"
-msgstr ""
+msgstr "Algoritmo de asignación"
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:19
@@ -8016,6 +9908,10 @@ msgid ""
"represent the Active Directory domain identity and the relative identifier "
"(RID) of the user or group object."
msgstr ""
+"Active Directory suministra un objectSID para cada objeto usuario y grupo en "
+"el directorio. El objectSID puede ser dividido en componente que representan "
+"la identidad del dominio Active Directory y le identificador relativo (RID) "
+"del objeto usuario y grupo."
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:25
@@ -8024,6 +9920,10 @@ msgid ""
"into equally-sized component sections - called \"slices\"-. Each slice "
"represents the space available to an Active Directory domain."
msgstr ""
+"El algoritmo de asignación de ID de SSSD tiene un rango de UIDs disponibles "
+"y lo divide en secciones componente de igual tamaño – llamadas “rebanadas” "
+"-. Cada rebanada representa el espacio disponible para un dominio Active "
+"Directory."
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:31
@@ -8033,6 +9933,11 @@ msgid ""
"In order to make this slice-assignment repeatable on different client "
"machines, we select the slice based on the following algorithm:"
msgstr ""
+"Cuando se encuentra por primera vez una entrada de usuario o grupo para un "
+"dominio concreto, SSSD asigna una de las rebanadas disponibles para ese "
+"dominio. Con el objetivo de hacer esta asignación de rebanadas repetible "
+"sobre diferentes máquinas clientes, seleccionamos la rebanada en base al "
+"siguiente algoritmo:"
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:38
@@ -8041,6 +9946,9 @@ msgid ""
"a 32-bit hashed value. We then take the modulus of this value with the total "
"number of available slices to pick the slice."
msgstr ""
+"La cadena SID pasada a través del algoritmo murmurhash3 para convertirlo en "
+"un valor picado de 32 bit. Después tomamos los módulos de este valor con el "
+"número total de rebanadas disponibles para recoger la rebanada."
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:44
@@ -8054,12 +9962,22 @@ msgid ""
"configure a default domain to guarantee that at least one is always "
"consistent. See <quote>Configuration</quote> for details."
msgstr ""
+"NOTA: Es posible encontrar colisiones en el picadillo y los módulos "
+"subsiguientes. En estas situaciones, seleccionaremos la siguiente rebanada "
+"disponible, pero puede no ser posible reproducir los mismos conjuntos "
+"exactos de rebanadas sobre otras máquinas (puesto que el orden en que se "
+"encuentren desterminará sus rebanadas). En esta situación, se recomienda o "
+"bien conmutar para usar los atributos explícitos POSIX en Active Directory "
+"(deshabilitando la asignación de ID) o configurar un dominio por defecto "
+"para garantizar que al menos uno sea siempre consistente. Vea "
+"<quote>Configuración</quote> para detalles."
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:59
msgid ""
"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
msgstr ""
+"Configuración mínima (en la sección <quote>[domain/DOMAINNAME]</quote>):"
#. type: Content of: <refsect1><refsect2><para><programlisting>
#: include/ldap_id_mapping.xml:64
@@ -8067,7 +9985,7 @@ msgstr ""
msgid ""
"ldap_id_mapping = True\n"
"ldap_schema = ad\n"
-msgstr ""
+msgstr "ldap_id_mapping = True ldap_schema = ad \n"
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:69
@@ -8076,16 +9994,20 @@ msgid ""
"of holding up to 200,000 IDs, starting from 10,001 and going up to "
"2,000,100,000. This should be sufficient for most deployments."
msgstr ""
+"La configuración por defecto resulta en la configuración de 10.000 "
+"rebanadas, cada una capaz de sostener 200.000 IDs empezando por 10.001 y "
+"yendo hasta 2.000.100.000. Esto debería ser suficiente para la mayoría de "
+"los despliegues."
#. type: Content of: <refsect1><refsect2><refsect3><title>
#: include/ldap_id_mapping.xml:75
msgid "Advanced Configuration"
-msgstr ""
+msgstr "Configuración Avanzada"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:78
msgid "ldap_idmap_range_min (integer)"
-msgstr ""
+msgstr "ldap_idmap_range_min (entero)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:81
@@ -8093,6 +10015,8 @@ msgid ""
"Specifies the lower bound of the range of POSIX IDs to use for mapping "
"Active Directory user and group SIDs."
msgstr ""
+"Especifica el límite inferior del rango de IDs POXIS a usar para la "
+"asignación de SIDs de usuario y grupo de Active Directory."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:85
@@ -8103,16 +10027,22 @@ msgid ""
"distinction, but the good general advice would be to have <quote>min_id</"
"quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>"
msgstr ""
+"NOTA: Esta opción es diferente de <quote>min_id</quote> en esta "
+"<quote>min_id</quote> actúa para filtrar la salida de las peticiones a este "
+"dominio, mientras esta opción controla el rango de la asignación de ID. Esto "
+"es una sutil diferencia, pero el buen consejo general sería que "
+"<quote>min_id</quote> fuera menor o igual que <quote>ldap_idmap_range_min</"
+"quote>"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:95 include/ldap_id_mapping.xml:131
msgid "Default: 200000"
-msgstr ""
+msgstr "Por defecto: 200000"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:100
msgid "ldap_idmap_range_max (integer)"
-msgstr ""
+msgstr "ldap_idmap_range_max (entero)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:103
@@ -8120,6 +10050,8 @@ msgid ""
"Specifies the upper bound of the range of POSIX IDs to use for mapping "
"Active Directory user and group SIDs."
msgstr ""
+"Especifica el límite superior del rango de IDs POXIS a usar para la "
+"asignación de SIDs de usuario y grupo por Active Directory."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:107
@@ -8130,16 +10062,22 @@ msgid ""
"distinction, but the good general advice would be to have <quote>max_id</"
"quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>"
msgstr ""
+"NOTA: Esta opción es diferente de <quote>max_id</quote> en esta "
+"<quote>max_id</quote> actúa para filtrar la salida de las peticiones a este "
+"dominio, mientras esta opción controla el rango de la asignación de ID. Esto "
+"es una sutil diferencia, pero el buen consejo general sería que "
+"<quote>max_id</quote> fuera menor o igual que <quote>ldap_idmap_range_max</"
+"quote>"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:117
msgid "Default: 2000200000"
-msgstr ""
+msgstr "Por defecto: 2000200000"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:122
msgid "ldap_idmap_range_size (integer)"
-msgstr ""
+msgstr "ldap_idmap_range_size (entero)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:125
@@ -8148,11 +10086,14 @@ msgid ""
"does not divide evenly into the min and max values, it will create as many "
"complete slices as it can."
msgstr ""
+"Especifica el número de IDs disponibles para cada rebanada. Si el rango no "
+"se divide de forma igual entre los valores mínimo y máximo, creará tantas "
+"rebanadas completas como sea posible."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:136
msgid "ldap_idmap_default_domain_sid (string)"
-msgstr ""
+msgstr "ldap_idmap_default_domain_sid (cadena)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:139
@@ -8161,21 +10102,24 @@ msgid ""
"domain will always be assigned to slice zero in the ID map, bypassing the "
"murmurhash algorithm described above."
msgstr ""
+"Especifica el SID de dominio del dominio por defecto. Esto garantizará que "
+"este dominio será asignado siempre a la rebanada cero en el mapa de ID, "
+"sobrepasando el algoritmo murmurhash descrito arriba."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:150
msgid "ldap_idmap_default_domain (string)"
-msgstr ""
+msgstr "ldap_idmap_default_domain (cadena)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:153
msgid "Specify the name of the default domain."
-msgstr ""
+msgstr "Especifica el nombre del dominio por defecto."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:161
msgid "ldap_idmap_autorid_compat (boolean)"
-msgstr ""
+msgstr "ldap_idmap_autorid_compat (booleano)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:164
@@ -8183,6 +10127,9 @@ msgid ""
"Changes the behavior of the ID-mapping algorithm to behave more similarly to "
"winbind's <quote>idmap_autorid</quote> algorithm."
msgstr ""
+"Cambia el comportamiento del algoritmo de asignación de id para que se "
+"comporte de un modo más similar al algoritmo <quote>idmap_autorid</quote> de "
+"winbind."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:169
@@ -8190,6 +10137,9 @@ msgid ""
"When this option is configured, domains will be allocated starting with "
"slice zero and increasing monatomically with each additional domain."
msgstr ""
+"Cuando esta opción está configurada, los dominios serán asignados empezando "
+"con la rebanada cero e incrementándose de uno en uno con cada dominio "
+"adicional."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:174
@@ -8200,11 +10150,16 @@ msgid ""
"<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at "
"least one domain is consistently allocated to slice zero."
msgstr ""
+"NOTA: Este algoritmo no es determinista (depende del orden en que usuario y "
+"grupos son pedidos). Si se requiere este modo para compatibilidad con "
+"máquinas que ejecutan winbind, se recomienda que también use la opción "
+"<quote>ldap_idmap_default_domain_sid</quote> para garantizar que al menos un "
+"dominio está asignado consistentemente a la rebanada cero."
#. type: Content of: <varlistentry><term>
#: include/param_help.xml:3
msgid "<option>-?</option>,<option>--help</option>"
-msgstr ""
+msgstr "<option>-?</option>,<option>--help</option>"
#. type: Content of: <varlistentry><listitem><para>
#: include/param_help.xml:7 include/param_help_py.xml:7
@@ -8223,11 +10178,14 @@ msgid ""
"default value as well as the lowest allowed value, 0xFFF0 is the most "
"verbose mode. This setting overrides the settings from config file."
msgstr ""
+"Bit de máscara que indica que niveles de depuración serán visibles. 0x0010 "
+"es el valor por defecto así como el valor más bajo permitido, 0xFFF0 es el "
+"modo más verboso. Este ajuste anula los ajustes del fichero de configuración."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:8
msgid "Currently supported debug levels:"
-msgstr ""
+msgstr "Niveles de depuración actualmente soportados:"
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:11
@@ -8235,6 +10193,8 @@ msgid ""
"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent "
"SSSD from starting up or causes it to cease running."
msgstr ""
+"<emphasis>0x0010</emphasis>: Fallos fatales. Cualquier cosa que evitaría que "
+"SSSD arrancara u origine el cese de la ejecución."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:15
@@ -8243,6 +10203,9 @@ msgid ""
"the SSSD, but one that indicates that at least one major feature is not "
"going to work properly."
msgstr ""
+"<emphasis>0x0020</emphasis>: Fallos críticos. Un error que no matará SSSD, "
+"pero que indica que al menos una de las funciones principales no está "
+"trabajando apropiadamente."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:20
@@ -8250,6 +10213,8 @@ msgid ""
"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a "
"particular request or operation has failed."
msgstr ""
+"<emphasis>0x0040</emphasis>: Fallos serios. Un error anunciando que una "
+"petición u operación concreta ha fallado."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:24
@@ -8257,27 +10222,32 @@ msgid ""
"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would "
"percolate down to cause the operation failure of 2."
msgstr ""
+"<emphasis>0x0080</emphasis>: Fallos menores. Estos son errores que podrían "
+"filtrarse hacia abajo para causar fallos en la operación de 2."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:28
msgid "<emphasis>0x0100</emphasis>: Configuration settings."
-msgstr ""
+msgstr "<emphasis>0x0100</emphasis>: Ajustes de configuración."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:31
msgid "<emphasis>0x0200</emphasis>: Function data."
-msgstr ""
+msgstr "<emphasis>0x0200</emphasis>: Datos de función."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:34
msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions."
msgstr ""
+"<emphasis>0x0400</emphasis>: Traza de mensajes para funciones de operación."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:37
msgid ""
"<emphasis>0x1000</emphasis>: Trace messages for internal control functions."
msgstr ""
+"<emphasis>0x1000</emphasis>: Traza de mensajes para funciones de control "
+"interno."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:40
@@ -8285,11 +10255,15 @@ msgid ""
"<emphasis>0x2000</emphasis>: Contents of function-internal variables that "
"may be interesting."
msgstr ""
+"<emphasis>0x2000</emphasis>: Contenidos de variables de función interna que "
+"pueden ser interesantes."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:43
msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information."
msgstr ""
+"<emphasis>0x4000</emphasis>: Información de trazado de nivel extremadamente "
+"bajo."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:46
@@ -8297,6 +10271,8 @@ msgid ""
"To log required debug levels, simply add their numbers together as shown in "
"following examples:"
msgstr ""
+"Para registrar los niveles de depuración requeridos, simplemente añada sus "
+"números juntos como se muestra en los siguientes ejemplos:"
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:49
@@ -8304,6 +10280,8 @@ msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
"serious failures and function data use 0x0270."
msgstr ""
+"<emphasis>Ejemplo</emphasis>: Para registrar fallos fatales, críticos y "
+"serios y datos de función use 0x0270."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:53
@@ -8311,6 +10289,9 @@ msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
"function data, trace messages for internal control functions use 0x1310."
msgstr ""
+"<emphasis>Example</emphasis>: Para registrar fallos fatales, ajustes de "
+"configuración, datos de función, mensajes de traza para funciones de control "
+"interno use 0x1310."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:57
@@ -8318,6 +10299,9 @@ msgid ""
"<emphasis>Note</emphasis>: This is new format of debug levels introduced in "
"1.7.0. Older format (numbers from 0-10) is compatible but deprecated."
msgstr ""
+"<emphasis>Nota</emphasis>: Este es un nuevo formato de niveles de depuración "
+"introducido en 1.7.0. El formato más antiguo (números de 0-10) es compatible "
+"pero obsoleto."
#. type: Content of: outside any tag (error?)
#: include/experimental.xml:1
@@ -8325,11 +10309,13 @@ msgid ""
"<emphasis> This is an experimental feature, please use http://fedorahosted."
"org/sssd to report any issues. </emphasis>"
msgstr ""
+"<emphasis> Este es una función experimental, por favor utilice http://"
+"fedorahosted.org/sssd para reportar cualquier cuestión. </emphasis>"
#. type: Content of: <refsect1><title>
#: include/local.xml:2
msgid "THE LOCAL DOMAIN"
-msgstr ""
+msgstr "EL DOMINIO LOCAL"
#. type: Content of: <refsect1><para>
#: include/local.xml:4
@@ -8337,6 +10323,8 @@ msgid ""
"In order to function correctly, a domain with <quote>id_provider=local</"
"quote> must be created and the SSSD must be running."
msgstr ""
+"Con el objetivo de que funcione correctamente, se debe crear un dominio con "
+"<quote>id_provider=local</quote> y el SSSD debe estar corriendo."
#. type: Content of: <refsect1><para>
#: include/local.xml:9
@@ -8349,6 +10337,14 @@ msgid ""
"<command>sss_user*</command> and <command>sss_group*</command> tools use a "
"local LDB storage to store users and groups."
msgstr ""
+"El administrador puede desear usar los usuarios locales SSSD en lugar de los "
+"usuarios tradicionales UNIX en los casos donde los grupos anidados (vea "
+"<citerefentry> <refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>) sean necesarios. Los usuarios locales son "
+"también útiles para la prueba y el desarrollo del SSSD sin tener que "
+"desplegar un servidor remoto completo. Las herramientas <command>sss_user*</"
+"command> y <command>sss_group*</command> usan un almacenamiento LDB local "
+"para almacenar usuarios y grupos."
#. type: Content of: <refsect1><title>
#: include/seealso.xml:2
@@ -8357,6 +10353,45 @@ msgstr "VEA TAMBIEN"
#. type: Content of: <refsect1><para>
#: include/seealso.xml:4
+#, fuzzy
+#| msgid ""
+#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> "
+#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> "
+#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+#| "manvolnum> </citerefentry>, </phrase> <citerefentry> "
+#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>."
msgid ""
"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
@@ -8391,10 +10426,46 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
+"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:3
@@ -8403,6 +10474,8 @@ msgid ""
"An optional base DN, search scope and LDAP filter to restrict LDAP searches "
"for this attribute type."
msgstr ""
+"Una base DN opcional, alcance de la búsqueda y filtro LDAP para búsquedas "
+"LDAP de este tipo de atributo."
#. type: Content of: <listitem><para><programlisting>
#: include/ldap_search_bases.xml:9
@@ -8410,12 +10483,14 @@ msgstr ""
#, no-wrap
msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
msgstr ""
+"search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
+"\n"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:7
#: include/ldap_search_bases_experimental.xml:7
msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
-msgstr ""
+msgstr "sintaxis: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:13
@@ -8425,6 +10500,9 @@ msgid ""
"must be a valid LDAP search filter as specified by http://www.ietf.org/rfc/"
"rfc2254.txt"
msgstr ""
+"El alcance puede ser uno de \"base\", \"onelevel\" o \"subtree\". El filtro "
+"debe ser un filtro de búsqueda válido LDAP como se especifica en http://www."
+"ietf.org/rfc/rfc2254.txt"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:19
@@ -8433,6 +10511,8 @@ msgid ""
"For examples of this syntax, please refer to the <quote>ldap_search_base</"
"quote> examples section."
msgstr ""
+"Para ejemplos de esta sintaxis, por favor vea la sección de ejemplos de "
+"<quote>ldap_search_base</quote>"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:27
@@ -8442,6 +10522,9 @@ msgid ""
"against an Active Directory Server that might yield a large number of "
"results and trigger the Range Retrieval extension in the response."
msgstr ""
+"Por favor advierta que especificar el alcance o el filtro no está soportado "
+"para búsquedas contra un Active Directory Server que puede ceder un gran "
+"número de resultados y disparar la extensión Range Retrieval en la respuesta."
#. type: Content of: <para>
#: include/autofs_restart.xml:2
@@ -8450,3 +10533,17 @@ msgid ""
"any autofs-related changes are made to the sssd.conf, you typically also "
"need to restart the automounter daemon after restarting the SSSD."
msgstr ""
+"Por favor advierta que el automontador sólo lee el mapa maestro en el "
+"arranque, se modo que si se hace cualquier cambio relacionado con autofs al "
+"sssd.conf, usted normalmente también necesitará reiniciar el demonio "
+"automontador después de reiniciar el SSSD."
+
+#~ msgid ""
+#~ "If true then SSSD will download every rule that contains a regular "
+#~ "expression in sudoHost attribute."
+#~ msgstr ""
+#~ "Si está a true SSSD descargará cada regla que contenga una expresión "
+#~ "regular en el atributo sudoHost."
+
+#~ msgid "regular expression"
+#~ msgstr "expresión regular"
diff --git a/src/man/po/eu.po b/src/man/po/eu.po
index d201753df..06e7d40ef 100644
--- a/src/man/po/eu.po
+++ b/src/man/po/eu.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.8.95\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: 2012-07-18 21:31+0300\n"
"Last-Translator: Automatically generated\n"
"Language-Team: none\n"
@@ -131,7 +131,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr ""
@@ -198,7 +198,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr ""
@@ -235,19 +235,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr ""
@@ -266,7 +266,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr ""
@@ -286,7 +286,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
@@ -369,32 +369,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -404,15 +383,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -430,12 +409,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -444,80 +423,81 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -527,23 +507,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -622,8 +623,8 @@ msgid ""
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr ""
@@ -702,13 +703,23 @@ msgstr ""
msgid "fully qualified user name (user@domain)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr ""
@@ -721,12 +732,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -734,231 +745,232 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -966,59 +978,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1026,7 +1038,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1035,17 +1047,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1053,115 +1065,115 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1173,7 +1185,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1184,24 +1196,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1209,12 +1221,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1223,24 +1235,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1249,56 +1261,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1306,123 +1321,130 @@ msgid ""
"to the man pages for the specific id_provider in use."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1431,17 +1453,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1450,33 +1472,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1484,8 +1506,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1494,8 +1516,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1503,19 +1525,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1524,19 +1546,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1544,7 +1584,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1552,30 +1592,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1583,19 +1623,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1604,24 +1644,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1629,7 +1669,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1637,35 +1677,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1673,22 +1713,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1696,7 +1737,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1704,31 +1745,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1736,28 +1777,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1765,7 +1801,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1773,24 +1809,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1798,19 +1834,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1819,29 +1855,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1849,7 +1885,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1857,14 +1893,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -1872,59 +1908,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1932,56 +1968,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1990,30 +2026,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2021,29 +2057,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2051,19 +2087,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2071,73 +2107,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2145,17 +2181,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2164,17 +2200,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2182,17 +2218,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2200,18 +2236,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2241,7 +2277,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2282,7 +2318,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr ""
@@ -3014,8 +3050,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr ""
@@ -3030,7 +3066,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr ""
@@ -3218,7 +3254,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3418,6 +3454,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
@@ -3478,7 +3515,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -3751,53 +3788,73 @@ msgstr ""
#: sssd-ldap.5.xml:1418
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+msgid "ldap_sasl_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3805,27 +3862,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3837,7 +3894,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3845,7 +3902,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3853,53 +3910,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3907,32 +3964,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3941,56 +4003,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4001,12 +4063,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4015,14 +4077,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4031,24 +4093,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4056,19 +4118,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4077,7 +4139,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4085,7 +4147,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4094,94 +4156,125 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4193,213 +4286,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4407,106 +4500,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4515,76 +4608,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4593,46 +4686,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4640,43 +4733,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4684,7 +4777,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4692,7 +4785,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
+#: sssd-ldap.5.xml:2316
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4702,23 +4795,23 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5021,7 +5114,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5032,12 +5125,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5045,7 +5146,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5097,25 +5198,33 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5125,87 +5234,105 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+msgid "Default: 1200 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5213,86 +5340,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5300,12 +5427,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5313,17 +5440,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5332,313 +5472,345 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5646,7 +5818,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5784,7 +5956,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5792,7 +5964,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5806,11 +5978,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -5984,7 +6178,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -7686,7 +7880,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8135,7 +8329,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
diff --git a/src/man/po/fr.po b/src/man/po/fr.po
index 0440fdc2d..9a517ad00 100644
--- a/src/man/po/fr.po
+++ b/src/man/po/fr.po
@@ -4,14 +4,14 @@
#
# Translators:
# Fabien Archambault <marbolangos@gmail.com>, 2012.
-# Jérôme Fenal <jfenal@gmail.com>, 2012.
+# Jérôme Fenal <jfenal@gmail.com>, 2012-2013.
# <sgallagh@redhat.com>, 2012.
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
-"PO-Revision-Date: 2012-10-07 19:47+0000\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
+"PO-Revision-Date: 2013-03-24 18:20+0000\n"
"Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n"
"Language-Team: French <trans-fr@lists.fedoraproject.org>\n"
"Language: fr\n"
@@ -30,7 +30,7 @@ msgstr ""
#: sss_seed.8.xml:5 sss_ssh_authorizedkeys.1.xml:5
#: sss_ssh_knownhostsproxy.1.xml:5
msgid "SSSD Manual pages"
-msgstr "Manuel de SSSD"
+msgstr "Pages de manuel de SSSD"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
@@ -81,7 +81,7 @@ msgid ""
"that are specified on the command line."
msgstr ""
"<command>sss_groupmod</command> modifie le groupe pour refléter les "
-"changements effectués en ligne de commande."
+"changements spécifiés sur la ligne de commande."
#. type: Content of: <reference><refentry><refsect1><title>
#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
@@ -127,7 +127,7 @@ msgid ""
"Remove this group from groups specified by the <replaceable>GROUPS</"
"replaceable> parameter."
msgstr ""
-"Supprime ce groupe à partir des groupes spécifiés par le paramètre "
+"Supprime ce groupe des groupes spécifiés par le paramètre "
"<replaceable>GROUPS</replaceable>."
#. type: Content of: <reference><refentry><refnamediv><refname>
@@ -149,9 +149,9 @@ msgstr "Formats de fichier et conventions"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
-msgstr "The fichier de configuration pour SSSD"
+msgstr "Le fichier de configuration pour SSSD"
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:21
@@ -168,8 +168,8 @@ msgid ""
" "
msgstr ""
" <replaceable>[section]</replaceable>\n"
-" <replaceable>clef</replaceable> = <replaceable>valeur</replaceable>\n"
-" <replaceable>clef2</replaceable> = <replaceable>valeur2, valeur3</replaceable>\n"
+" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
+" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
" "
#. type: Content of: <reference><refentry><refsect1><para>
@@ -180,10 +180,11 @@ msgid ""
"until the next section begins. An example of section with single and multi-"
"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
-"Ce fichier utilise la syntaxe « ini-style » et est constituée de sections "
-"ainsi que de paramètres. Une sections commence par le nom de la section "
-"entre guillements et continue jusqu'à la section suivante. Un exemple de "
-"section avec des paramètres : <placeholder type=\"programlisting\" id=\"0\"/>"
+"Ce fichier utilise la syntaxe de style « .ini » et est constituée de "
+"sections et de paramètres. Une section commence par le nom de la section "
+"entre crochets et continue jusqu'à la section suivante. Un exemple de "
+"section avec des paramètres mono et multi-valués : <placeholder type="
+"\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:36
@@ -201,6 +202,9 @@ msgid ""
"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
"(<quote>;</quote>). Inline comments are not supported."
msgstr ""
+"Un commentaire de ligne commence par un octothorpe (<quote>#</quote>) ou un "
+"point-virgule (<quote>;</quote>). Les commentaires au sein d'une ligne ne "
+"sont pas pris en charge."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd.conf.5.xml:47
@@ -209,7 +213,7 @@ msgid ""
"parameter. Its function is only as a label for the section."
msgstr ""
"Toutes les sections peuvent avoir un paramètre optionnel de "
-"<replaceable>description</replaceable>. Cette fonction sert à nommer la "
+"<replaceable>description</replaceable>. Sa fonction ne sert qu'à nommer la "
"section."
#. type: Content of: <reference><refentry><refsect1><para>
@@ -218,8 +222,8 @@ msgid ""
"<filename>sssd.conf</filename> must be a regular file, owned by root and "
"only root may read from or write to the file."
msgstr ""
-"<filename>sssd.conf</filename> doit être un fichier possédé par root, seul "
-"root peut écrire et lire ce fichier."
+"<filename>sssd.conf</filename> doit être un fichier normal, appartenant à "
+"root, et seul root doit pouvoir écrire et lire ce fichier."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.conf.5.xml:59
@@ -232,9 +236,9 @@ msgid "The [sssd] section"
msgstr "La section [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
-msgstr "Paramètres de section"
+msgstr "Paramètres de sections"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:73
@@ -248,7 +252,7 @@ msgid ""
"version 2."
msgstr ""
"Indique la syntaxe du fichier de configuration. Pour SSSD 0.6.0 ou "
-"supérieure utilisez la version 2."
+"supérieure utiliser la version 2."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:82
@@ -260,7 +264,8 @@ msgstr "services"
msgid ""
"Comma separated list of services that are started when sssd itself starts."
msgstr ""
-"Liste de services séparés par des virgules démarrés quand sssd se lance."
+"Liste des services séparés par des virgules qui sont démarrés quand sssd se "
+"lance."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:89
@@ -270,23 +275,28 @@ msgid ""
"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</"
"phrase>"
msgstr ""
+"Les services pris en charge : nss, pam <phrase condition=\"with_sudo\">, "
+"sudo</phrase> <phrase condition=\"with_autofs\"> autofs</phrase> <phrase "
+"condition=\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder"
+"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
-"Nombre de fois que les services doivent tenter de se reconnecter ou de "
-"redémarrer dans le cas d'un plantage du « Data Provider » avant d'abandonner"
+"Nombre d'essais de reconnection ou de redémarrage que les services doivent "
+"effectuer dans le cas d'un plantage du fournisseur de données avant "
+"d'abandonner"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "Par défaut : 3"
@@ -304,12 +314,12 @@ msgid ""
"them to be queried."
msgstr ""
"Un domaine est une base de données contenant les informations utilisateurs. "
-"SSSD peut utiliser plus de domaines en même temps mais au moins un doit être "
+"SSSD peut utiliser plusieurs domaines en même temps, au moins un doit être "
"configuré ou SSSD ne démarrera pas. Ce paramètre décrit la liste des "
-"domaines dans l'ordre où vous voulez les appeler."
+"domaines dans l'ordre où ils doivent être requêtés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr "re_expression (chaîne)"
@@ -319,6 +329,8 @@ msgid ""
"Default regular expression that describes how to parse the string containing "
"user name and domain into these components."
msgstr ""
+"L'expression régulière par défaut qui décrit la manière d'analyser la chaîne "
+"contenant le nom d'utilisateur et de domaine dans ces composants."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:132
@@ -327,9 +339,13 @@ msgid ""
"ID providers there are also default regular expressions. See DOMAIN "
"SECTIONS for more info on these regular expressions."
msgstr ""
+"Chaque domaine peut avoir une expression régulière individuelle configurée. "
+"Pour certains fournisseurs ID, il y a aussi des expressions régulières par "
+"défaut. Voir les SECTIONS DOMAINE pour plus d'informations sur ces "
+"expressions régulières."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (chaîne)"
@@ -340,6 +356,9 @@ msgid ""
"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
"how to translate a (name, domain) tuple into a fully qualified name."
msgstr ""
+"Le format par défaut compatible <citerefentry> <refentrytitle>printf</"
+"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> décrivant la "
+"traduction (nom, domaine) d'un tuple en un domaine pleinement qualifé."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:152
@@ -347,6 +366,8 @@ msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
+"Chaque domaine peut avoir une chaîne de format individuelle configurée. "
+"Voir les SECTIONS DOMAINE pour plus d'informations sur cette option."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:158
@@ -362,9 +383,9 @@ msgid ""
"inotify cannot be used."
msgstr ""
"SSSD gère l'état de resolv.conf pour identifier les besoins de mise à jour "
-"des résolutions de DNS internes. Par défaut, l'utilisation de inotify sera "
-"faite et tentera de scanner resolv.conf toutes les cinq secondes si inotify "
-"échoue."
+"des résolutions DNS internes. Par défaut, l'utilisation de inotify sera "
+"tentée, et reviendra à une interrogation de resolv.conf toutes les cinq "
+"secondes si inotify échoue."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:169
@@ -382,8 +403,8 @@ msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
-"Par défaut : true sur les platformes où inotify est pris en charge. False "
-"sur les autres plateformes."
+"Par défaut : true sur les plates-formes où inotify est pris en charge. False "
+"sur les autres plates-formes."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:179
@@ -392,7 +413,8 @@ msgid ""
"unavailable. On these platforms, polling will always be used."
msgstr ""
"Note : cette option n'aura aucun effet sur les plateformes où inotify n'est "
-"pas accessible. Sur celles-ci, la requête sera toujours utilisée."
+"pas disponible. Sur celles-ci, l'interrogation régulière sera toujours "
+"utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:186
@@ -414,6 +436,9 @@ msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
+"Cette option accepte une valeur spéciale __LIBKRB5_DEFAULTS__ qui indiquera "
+"à SSSD de laisser libkrb5 décider l'emplacement approprié pour le cache de "
+"relecture."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:199
@@ -421,35 +446,23 @@ msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
+"Par défaut : paramètre spécifique à la distribution et spécifié au moment de "
+"la construction du logiciel. (__LIBKRB5_DEFAULTS__ si non configuré)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr "Par défaut : 60"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
-msgstr ""
+msgstr "default_domain_suffix (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
+#, fuzzy
+#| msgid ""
+#| "This string will be used as a default domain name for all names without a "
+#| "domain name component. The main use case are environments were the local "
+#| "domain is only managing hosts but no users and all users are coming from "
+#| "a trusted domain. The option allows those users to log in just with their "
+#| "user name without giving a domain name as well."
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -457,17 +470,30 @@ msgid ""
"trusted domain. The option allows those users to log in just with their "
"user name without giving a domain name as well."
msgstr ""
+"Cette chaîne servira comme un nom de domaine par défaut pour tous les noms "
+"sans composant de nom de domaine. Les principaux cas d'utilisation sont les "
+"environnements où le domaine local ne gère que les systèmes et aucun "
+"utilisateur, et dont les utilisateurs proviennent d'un domaine approuvé. "
+"L'option permet à ces utilisateurs de se connecter sans fournir un nom de "
+"domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
+#, fuzzy
+#| msgid ""
+#| "Please note that if this option is set all users from the local domain "
+#| "have to use their fully qualified name, e.g. user@domain.name, to log in."
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
+"Noter que, si cette option est définie, tous les utilisateurs du domaine "
+"local doivent utiliser leur nom pleinement qualifié, par exemple user@domain."
+"name, pour se connecter."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -483,20 +509,20 @@ msgid ""
"some other important options like the identity domains. <placeholder type="
"\"variablelist\" id=\"0\"/>"
msgstr ""
-"Les fonctionnalités propres à SSSD sont fournies par le service spécifique "
-"SSSD. Elles sont démarrées et arrêtées à partir de SSSD. Les services sont "
-"gérés par un service spécifique souvent appelé le <quote>moniteur</quote>. "
-"La section <quote>[sssd]</quote> est utilisée pour configurer le moniteur "
-"ainsi que certaines options importantes comme l'identité des domaines. . "
-"<placeholder type=\"variablelist\" id=\"0\"/>"
+"Les fonctionnalités propres à SSSD sont fournies par des services "
+"spécifiques SSSD, qui sont démarrés et arrêtés en même temps que SSSD. Les "
+"services sont gérés par un service spécifique souvent appelé le "
+"<quote>moniteur</quote>. La section <quote>[sssd]</quote> est utilisée pour "
+"configurer le moniteur ainsi que certaines options importantes comme "
+"l'identité des domaines. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
-msgstr "SECTIONS SERVICES"
+msgstr "SECTIONS DE SERVICES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -504,85 +530,88 @@ msgid ""
"quote>"
msgstr ""
"Les options utilisables pour configurer les différents services sont "
-"décrites dans cette section. Ils doivent être dans la section [<replaceable>"
-"$NAME</replaceable>], par exemple pour le service NSS, la section doit être "
-"<quote>[nss]</quote>"
+"décrites dans cette section. Ils doivent être situés dans la section "
+"[<replaceable>$NAME</replaceable>], par exemple pour le service NSS, la "
+"section doit être <quote>[nss]</quote>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
-msgstr "Options générales de configuration du service"
+msgstr "Options générales de configuration de service"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr "Ces options peuvent être utilisées pour configurer les services."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr "debug_level (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr "Ajoute un horodatage aux messages de débogage"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr "Par défaut : true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
-msgstr ""
+msgstr "Ajouter les microsecondes à l'horodatage dans les messages de débogage"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr "Par défaut : false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr "timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
+"Délai d'attente entre deux requêtes pour ce domaine. Ceci est utilisé pour "
+"s'assurer que le processus est toujours actif et capable de répondre."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr "Par défaut : 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
-msgstr ""
+msgstr "fd_limit"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -590,24 +619,59 @@ msgid ""
"systems without this capability, the resulting value will be the lower value "
"of this or the limits.conf \"hard\" limit."
msgstr ""
+"Cette option spécifie le nombre maximal de descripteurs de fichiers qui "
+"peuvent être ouverts en même temps par ce processus SSSD. Sur les systèmes "
+"où SSSD se voit accorder la capacité CAP_SYS_RESOURCE, ce sera une limite "
+"absolue. Sur les systèmes sans cette capacité, la valeur résultante sera la "
+"valeur inférieure ou la limite « hard » de limits.conf."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr "Par défault : 8192 (ou la limite « hard » de limits.conf)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
-msgstr ""
+msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+"Cette option spécifie la durée en secondes pendant laquelle un client d'un "
+"processus SSSD peut maintenir un descripteur de fichier ouvert sans "
+"communiquer avec. Cette valeur est limitée afin d'éviter l'épuisement des "
+"ressources sur le système."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr "Par défaut : 60"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr "force_timeout (integer)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+"Si un service ne répond pas aux vérifications par ping (Cf. l'option "
+"<quote>timeout</quote>), le signal SIGTERM est d'abord envoyé de façon à "
+"l'arrêter proprement. Si le service ne se termine pas après "
+"<quote>force_timeout</quote> secondes, le moniteur sera arrêté violemment à "
+"l'aide d'un signal SIGKILL."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
@@ -633,8 +697,8 @@ msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
-"Combien de secondes nss_sss doit-il mettre en cache les énumérations "
-"(requêtes pour les informations sur tous les utilisateurs)"
+"La durée en secondes pendant laquelle nss_sss doit mettre en cache les "
+"énumérations (requêtes sur les informations de tous les utilisateurs)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:368
@@ -666,11 +730,12 @@ msgid ""
"but the SSSD will go and update the cache on its own, so that future "
"requests will not need to block waiting for a cache update."
msgstr ""
-"Par exemple, si la valeur entry_cache_timeout du domaine est à 30 s et que "
-"entry_cache_nowait_percentage est à 50 (%), les entrées qui veulent mettre à "
-"jour le cache après 15 secondes seront renvoyées immédiatement, mais le SSSD "
-"continuera et mettra à jour le cache de lui-même. Ainsi, les prochaines "
-"requêtes ne seront pas bloquées en attendant une mise à jour du cache."
+"Par exemple, si la valeur entry_cache_timeout du domaine est à 30 secondes "
+"et que entry_cache_nowait_percentage est à 50 (%), les entrées qui veulent "
+"mettre à jour le cache après 15 secondes seront renvoyées immédiatement, "
+"mais SSSD continuera et mettra à jour le cache de lui-même. Ainsi, les "
+"prochaines requêtes ne seront pas bloquées en attendant une mise à jour du "
+"cache."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:392
@@ -680,7 +745,7 @@ msgid ""
"percentage will never reduce the nowait timeout to less than 10 seconds. (0 "
"disables this feature)"
msgstr ""
-"Les valeurs autorisées pour cette options sont 0-99 et représentent un "
+"Les valeurs autorisées pour cette option vont de 0 à 99 et représentent un "
"pourcentage de la valeur entry_cache_timeout pour chaque domaine. Pour des "
"raisons de performance, ce pourcentage ne réduira jamais le délai d'attente "
"de non réponse à moins de 10 secondes (0 pour désactiver l'option)."
@@ -704,11 +769,11 @@ msgid ""
msgstr ""
"Spécifie le temps, en secondes, pendant lequel nss_sss doit mettre en cache "
"les résultats négatifs du cache (c'est-à-dire les requêtes pour les bases de "
-"données invalides, comme celles qui n'existent pas) avant d'appeler à "
-"nouveau l'arrière plan."
+"données invalides, comme celles qui n'existent pas) avant de faire à nouveau "
+"appel au moteur."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr "Par défaut : 15"
@@ -725,11 +790,11 @@ msgid ""
"domain or include fully-qualified names to filter only users from the "
"particular domain."
msgstr ""
-"Exclu certains utilisateurs de la recherche à partir de la base de données "
-"sss NSS. C'est particulièrement utile pour les comptes système. Cette option "
-"peut aussi être définie pour chaque domaine ou inclure des noms de domaines "
-"totalement qualifiés pour filtrer seulement les utilisateurs d'un certain "
-"domaine."
+"Exclue certains utilisateurs de la recherche à partir de la base de données "
+"sss NSS. Ceci est particulièrement utile pour les comptes système. Cette "
+"option peut aussi être définie pour chaque domaine ou inclure des noms de "
+"domaines pleinement qualifiés pour filtrer seulement les utilisateurs d'un "
+"certain domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:429
@@ -746,8 +811,8 @@ msgstr "filter_users_in_groups (booléen)"
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
-"Si les utilisateurs filtrés sont toujours dans le groupe mettre cette option "
-"à « false »."
+"Mettre cette option à « false » si les utilisateurs filtrés doivent rester "
+"membres de groupes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:446 sssd-ad.5.xml:132
@@ -762,7 +827,7 @@ msgstr "%u"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:456 sssd-ad.5.xml:142 sssd-krb5.5.xml:170
msgid "login name"
-msgstr "nom de connexion"
+msgstr "identifiant de connexion"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:459 sssd-ad.5.xml:145 sssd-krb5.5.xml:173
@@ -794,13 +859,23 @@ msgstr "%f"
msgid "fully qualified user name (user@domain)"
msgstr "nom d'utilisateur qualifié totalement (utilisateur@domaine)"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr "%%"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr "un « % » littéral"
@@ -816,35 +891,37 @@ msgstr ""
"substituées :<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr "Cette option peut aussi être définie pour chaque domaine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
" "
msgstr ""
+"override_homedir = /home/%u\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
-msgstr ""
+msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr "Par défaut : Indéfini (SSSD utilisera la valeur récupérée de LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
-msgstr ""
+msgstr "fallback_homedir (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -853,42 +930,47 @@ msgstr ""
"explicitement spécifié par le fournisseur de données du domaine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
+"Les valeurs disponibles pour cette option sont les mêmes que pour "
+"override_homedir."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Par défaut : non défini (aucune substitution pour les répertoires d'accueil "
"non définis)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
-msgstr ""
+msgstr "override_shell (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
+"Substitue l'interpréteur de commandes pour tous les utilisateurs. Cette "
+"option peut être spécifiée à l'échelle globale dans la section [nss] ou par "
+"domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr "allowed_shells (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -896,14 +978,14 @@ msgstr ""
"L'ordre d'évaluation est :"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</"
"quote> il est utilisé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -913,7 +995,7 @@ msgstr ""
"shell_fallback » sera faite."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -922,14 +1004,14 @@ msgstr ""
"ni dans <quote>/etc/shells</quote>, une connexion sans shell est utlisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
"Une chaîne vide pour l'interpréteur de commandes est passée comme elle est à "
"la libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -939,31 +1021,31 @@ msgstr ""
"est installé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
"Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est "
"utilisé automatiquement."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
"Remplacer toutes les occurences de ces interpréteurs de commandes par "
"l'interpréteur de commandes par défaut"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr "shell_fallback (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -971,24 +1053,32 @@ msgstr ""
"commandes autorisé n'est pas installé sur la machine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr "Par défaut : /bin/sh"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
+#, fuzzy
+#| msgid ""
+#| "The default shell to use if the provider does not return one during "
+#| "lookup. This option supersedes any other shell options if it takes effect."
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
+"Le shell par défaut à utiliser si le fournisseur n'en retourne pas un au "
+"cours de la recherche. Cette option prend le pas sur toutes les autres "
+"options de shell si elle prend effet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -998,75 +1088,79 @@ msgstr ""
"nécessaire, habituellement /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
-msgstr ""
+msgstr "get_domains_timeout (int)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
+"Spécifie la durée en secondes pendant laquelle la liste de sous-domaines est "
+"jugée valide."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
-msgstr ""
+msgstr "memcache_timeout (int)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
+"Spécifie la durée en secondes, pour laquelle les enregistrements du cache en "
+"mémoire seront valides"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Par défaut : 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr "Options de configuration de PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
-"Ces options servent à configurer le service Pluggable Authentication Module "
-"(PAM)."
+"Ces options permettent de configurer le service Pluggable Authentication "
+"Module (PAM)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
-"Si le fournisseur d'authentification est déconnecté combien de temps "
+"Si le fournisseur d'authentification est déconnecté, combien de temps "
"autoriser les connexions à partir du cache (en jours depuis la dernière "
"connexion réussie)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr "Par défaut : 0 (pas de limite)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1075,97 +1169,102 @@ msgstr ""
"échouées sont autorisées."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
-"Le temps en minutes à attendre après que offline_failed_login_attempts soit "
-"atteint avant qu'une nouvelle tentative soit possible."
+"Le temps en minutes à attendre après avoir atteint "
+"offline_failed_login_attempts avant qu'une nouvelle tentative de connexion "
+"soit possible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
"authentication can enable offline authentication again."
msgstr ""
+"Si la valeur est à 0, l'utilisateur ne peut s'authentifier en mode "
+"déconnecté si offline_failed_login_attempts est atteint. Seulement une "
+"connexion réussie en ligne peut réactiver l'authentification."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr "Par défaut : 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
"Contrôle le type de messages affichés à l'utilisateur pendant le processus "
-"d'authentification. Le nombre le plus grand affichera plus de messages."
+"d'authentification. Plus le nombre est grand, plus le nombre de messages "
+"affichés sera important."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
-msgstr "Actuellement sssd supporte les valeurs :"
+msgstr "Actuellement sssd supporte les valeurs suivantes :"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis> : ne pas afficher de message"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis> : afficher les messages d'information"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis> : afficher tous les messages et informations de "
"débogage"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr "Par défaut : 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
"ensure that authentication takes place with the latest information."
msgstr ""
-"Pour chaque requête PAM quand SSSD est déconnecté, le SSSD tentera de mettre "
-"à jour immédiatement les informations d'identité mises en cache pour "
+"Lors de chaque requête PAM quand SSSD est en mode connecté, SSSD tentera de "
+"mettre à jour immédiatement les informations d'identité mises en cache pour "
"l'utilisateur de manière à s'assurer que l'authentification se fasse avec "
"les dernières informations."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1173,142 +1272,158 @@ msgid ""
"information to avoid excessive round-trips to the identity provider."
msgstr ""
"Une conversation PAM complète peut effectuer plusieurs requêtes PAM, comme "
-"le gestionnaire de comptes et l'ouverture de session. Cette option contrôle "
-"(sur une base d'application par client) combien de temps (en secondes) est "
-"mis en cache les informations d'identité afin d'éviter de nombreux aller-"
-"retour avec le fournisseur d'identité."
+"la gestion de compte et l'ouverture de session. Cette option contrôle (par "
+"client et par application) la durée (en secondes) de mise en cache des "
+"informations d'identité afin d'éviter de nombreux aller-retour avec le "
+"fournisseur d'identité."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
-msgstr "Afficher une alerte N jours avant que le mot de passe n'expire."
+msgstr "Afficher une alerte N jours avant l'expiration du mot de passe."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
"cannot display a warning."
msgstr ""
-"Veuillez noter que le serveur en arrière-plan doit fournir des informations "
-"à propos du temps d'expiration du mot de passe. Si cette information est "
-"manquante, sssd ne peut afficher de message d'alerte."
+"Noter que le moteur du service doit fournir des informations à propos du "
+"délai d'expiration du mot de passe. Si cette information est manquante, sssd "
+"ne peut afficher de message d'alerte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
+"Si la valeur est zéro, ce filtre n'est pas appliqué, c'est-à-dire que si "
+"l'avertissement d'expiration est reçu de la part du moteur du serveur, il "
+"sera automatiquement affiché."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
+"Ce paramètre peut être surchargé par le paramètre "
+"<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr "Par défaut : 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
-msgstr ""
+msgstr "Options de configuration de SUDO"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
+"Les options suivantes peuvent être utilisées pour configurer le service sudo."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
-msgstr ""
+msgstr "sudo_timed (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
+"Évaluation ou non des attributs sudoNotBefore et sudoNotAfter qui utilisent "
+"les entrées sudoers sensibles au temps."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
-msgstr ""
+msgstr "Options de configuration AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
-msgstr ""
+msgstr "Ces options peuvent être utilisées pour configurer le service autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
-msgstr ""
+msgstr "autofs_negative_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
+"Spécifie le délai en secondes pendant lequel le répondeur autofs stocke les "
+"réponses négatives (autrement dit, les requêtes pour les entrées de mappage "
+"non valide, comme celles qui n'existent pas) avant de demander à nouveau au "
+"moteur."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
-msgstr ""
+msgstr "Options de configuration SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
+"Les options suivantes peuvent être utilisées pour configurer le service SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
-msgstr ""
+msgstr "ssh_hash_known_hosts (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
+"Condenser ou non les noms de systèmes et adresses du fichier known_hosts"
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr "ssh_known_hosts_timeout (integer)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+"La durée en secondes pendant laquelle conserver un système dans le fichier "
+"known_hosts géré après que ses clés de système ont été demandés."
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr "Par défaut : 180"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
-msgstr ""
+msgstr "Options de configuration du répondeur PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1318,9 +1433,16 @@ msgid ""
"If the PAC is decoded and evaluated some of the following operations are "
"done:"
msgstr ""
+"Le répondeur PAC fonctionne avec le greffon de données d'autorisation pour "
+"sssd_pac_plugin.so MIT Kerberos et un fournisseur de sous-domaine. Le "
+"greffon envoie les données PAC au cours d'une authentification GSSAPI au "
+"répondeur PAC. Le fournisseur de sous-domaine recueille le SID du domaine et "
+"les plages d'ID du domaine auquel le client est lié au et des domaines "
+"approuvés distants du contrôleur de domaine local. Si les données PAC sont "
+"décodées et évaluées, les opérations suivantes sont effectuées :"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1329,140 +1451,169 @@ msgid ""
"system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
+"Si l'utilisateur distant n'existe pas dans le cache, il est créé. L'uid est "
+"calculé en fonction du SID, les domaines de confiance auront des groupes "
+"d'utilisateurs privés, et le gid aura la même valeur que l'uid. Le "
+"répertoire est défini en fonction du paramètre subdomain_homedir. Le shell "
+"sera vide par défaut, permettant l'utilisation de la valeur par défaut du "
+"système, mais peut être remplacé par le paramètre default_shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
+"S'il y a des SID de groupes du domaine auquel le client sssd appartient, "
+"l'utilisateur sera ajouté à ces groupes."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
+"Les options suivantes peuvent être utilisées pour configurer le répondeur "
+"PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
-msgstr ""
+msgstr "allowed_uids (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
"startup."
msgstr ""
+"Spécifie la liste séparée par des virgules des UID ou noms d'utilisateurs "
+"qui sont autorisés à accéder au répondeur PAC. Les noms d'utilisateurs "
+"seront résolus en UID au démarrage."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
+"Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur "
+"PAC)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
"access the PAC responder, which would be the typical case, you have to add 0 "
"to the list of allowed UIDs as well."
msgstr ""
+"Noter que bien que l'UID 0 est utilisé par défaut, il sera remplacé par "
+"cette option. Si vous voulez continuer à permettre à l'utilisateur root à "
+"accéder au répondeur PAC, ce qui serait un cas habituel, vous devez ajouter "
+"0 à la liste des UID d'utilisateurs autorisés."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
-msgstr "SECTIONS DOMAINE"
+msgstr "SECTIONS DOMAINES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
"Limites UID et GID pour le domaine. Si un domaine contient une entrée en "
-"dehors de ces limites, il est ignoré."
+"dehors de ces limites, elle est ignorée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
"primary group memberships, those that are in range will be reported as "
"expected."
msgstr ""
-"Pour les utilisateurs, cela affecte la limite GID primaire. L'utilisateur ne "
-"sera pas renvoyé vers NSS si l'UID ou le GID primaire sont en dehors de la "
-"plage. Pour l'appartenance à un groupe non primaire, ceux qui sont dans la "
-"plage seront rapportés comme prévu."
+"Pour les utilisateurs, cela affecte la limite des GID primaires. "
+"L'utilisateur ne sera pas renvoyé vers NSS si l'UID ou le GID primaire sont "
+"en dehors de la plage. Pour l'appartenance à un groupe non primaire, ceux "
+"qui sont dans la plage seront rapportés comme prévu."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Default: 1 for min_id, 0 (no limit) for max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr "enumerate (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
-"Détermine si un domaine peut énumérer. Ce paramètre peut avoir une des "
+"Détermine si un domaine peut être énuméré. Ce paramètre peut avoir une des "
"valeurs suivantes :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
-msgstr "TRUE = utilisateurs et groupes sont comptés"
+msgstr "TRUE = utilisateurs et groupes sont énumérés"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = aucune énumération pour ce domaine"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr "Par défaut : FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
+#, fuzzy
+#| msgid ""
+#| "Note: Enabling enumeration has a moderate performance impact on SSSD "
+#| "while enumeration is running. It may take up to several minutes after "
+#| "SSSD startup to fully complete enumerations. During this time, "
+#| "individual requests for information will go directly to LDAP, though it "
+#| "may be slow, due to the heavy enumeration processing."
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
"Note : activer l'énumération a un impact modéré sur les performances de SSSD "
"lorsque l'énumération est en cours. Plusieurs minutes peuvent être "
-"nécessaires après le démarrage de SSSD pour terminer l'énumération complète. "
-"Pendant ce temps, les requêtes individuelles pour des informations iront "
-"directement vers LDAP, bien que plus lent et ce à cause de la charge "
-"importante liée au processus d'énumération."
+"nécessaires après le démarrage de SSSD pour terminer une énumération "
+"complète. Pendant ce temps, les requêtes individuelles pour des informations "
+"iront directement vers LDAP, bien que ce soit plus lent et ce à cause de la "
+"charge importante liée au processus d'énumération."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
-"Pendant que la première énumération est en cours, les requêtes pour des "
-"listes utilisateurs ou de groupes peut retourner des résultats vides jusqu'à "
-"complétion."
+"Lorsque la première énumération est en cours, les requêtes pour des listes "
+"utilisateurs ou de groupes peuvent retourner des résultats vides avant que "
+"l'énumération ne se termine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1471,279 +1622,344 @@ msgid ""
msgstr ""
"De plus, activer l'énumération peut augmenter le temps nécessaire pour "
"détecter la déconnexion d'un réseau, puisque des délais d'attente supérieurs "
-"sont nécessaires pour s'assurer que les requêtes d'énumération soient "
-"totalement effectuées. Pour plus d'informations, référez-vous au manuel pour "
-"le id_provider spécifique utilisé."
+"sont nécessaires pour s'assurer que les requêtes d'énumération se terminent "
+"avec succès. Pour plus d'informations, se référer au manuel pour le "
+"fournisseur d'identité spécifique utilisé."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
-"Combien de temps en secondes doit considérer nss_sss les entrées comme "
-"valides avant d'appeler à nouveau l'arrière plan"
+"La durée en secondes pendant laquelle nss_sss doit considérer les entrées "
+"comme valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr "Par défaut : 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_user_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
+"La durée en secondes pendant laquelle nss_sss doit considérer les entrées "
+"d'utilisateurs comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr "Par défaut : entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_group_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
+"La durée en secondes pendant laquelle nss_sss doit considérer les entrées de "
+"groupes comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_netgroup_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
+"La durée en secondes pendant laquelle nss_sss doit considérer les entrées de "
+"netgroup comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_service_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
+"La durée en secondes pendant laquelle nss_sss doit considérer les entrées de "
+"service valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_sudo_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
+"La durée en secondes pendant laquelle sudo doit considérer les règles comme "
+"valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
-msgstr ""
+msgstr "entry_cache_autofs_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
+"La durée en secondes pendant laquelle le service autofs doit considérer les "
+"cartes d'automontage comme valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr "cache_credentials (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
-"Détermine si les crédits utilisateur sont aussi mis en cache dans le cache "
-"LDB local"
+"Détermine si les données d'identification de l'utilisateur sont aussi mis en "
+"cache dans le cache LDB local"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
+"Les informations d'identification utilisateur sont stockées dans une table "
+"de hachage SHA512, et non en texte brut"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
"value of this parameter must be greater than or equal to "
"offline_credentials_expiration."
msgstr ""
-"Nombre de jours où les entrées sont stockées dans le cache après la dernière "
-"connexion réussie avant d'être enlevées lors du nettoyage du cache. 0 veut "
-"dire conservé pour toujours. La valeur de ce paramètre doit être supérieur "
-"ou égal à offline_credentials_expiration."
+"Durée en jours pendant laquelle les entrées sont stockées dans le cache "
+"après la dernière connexion réussie, avant d'être enlevées lors du nettoyage "
+"du cache. 0 signifie qu'elles sont conservées indéfiniment. La valeur de ce "
+"paramètre doit être supérieur ou égal à offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
-msgstr "Défault: 0 (illimité)"
+msgstr "Par défaut : 0 (illimité)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
-msgstr ""
+msgstr "pwd_expiration_warning (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
"cannot display a warning. Also an auth provider has to be configured for the "
"backend."
msgstr ""
+"Veuillez noter que le moteur du service doit fournir des informations à "
+"propos du délai d'expiration du mot de passe. Si cette information est "
+"manquante, sssd ne peut afficher de message d'alerte. De plus, un "
+"fournisseur oauth doit être configuré pour le moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr "id_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
+"Le fournisseur d'identification utilisé pour le domaine. Les fournisseurs "
+"d'identification pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
-msgstr "proxy: supporte l'ancien protocole NSS"
+#: sssd.conf.5.xml:1165
+#, fuzzy
+#| msgid "proxy: Support a legacy NSS provider"
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
+msgstr "proxy : prend en charge un ancien fournisseur NSS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
+"<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
"information on configuring LDAP."
msgstr ""
+"<quote>ldap</quote> : fournisseur LDAP. Cf. "
+"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> pour plus d'informations sur la configuration de "
+"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
"FreeIPA."
msgstr ""
+"<quote>ipa</quote> : fournisseur FreeIPA et Red Hat Enterprise Identity "
+"Management. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> pour plus d'informations sur la "
+"configuration de FreeIPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring Active Directory."
msgstr ""
+"<quote>ad</quote> : fournisseur Active Directory. Cf. "
+"<citerefentry><refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> pour plus d'informations sur la configuration "
+"d'Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
+"Utiliser le nom complet et le domaine (comme formaté par le paramètre "
+"full_name_format du domaine) comme nom de connexion de l'utilisateur "
+"communiqué à NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
"<command>getent passwd test</command> wouldn't find the user while "
"<command>getent passwd test@LOCAL</command> would."
msgstr ""
-"Si c'est potisionné à TRUE, toutes les requêtes de ce domaine utilisent des "
-"domaines totalement qualifiés. Par exemple, si c'est utilisé dans le domaine "
-"LOCAL contenant un utilisateur « test », <command>getent passwd test</"
-"command> ne trouvera pas l'utilisateur avant que <command>getent passwd "
-"test@LOCAL</command> ne le trouve."
+"Si défini à TRUE, toutes les requêtes pour ce domaine doivent utiliser des "
+"noms pleinement qualifiés. Par exemple, pour un utilisateur « test » dans un "
+"domaine LOCAL, <command>getent passwd test</command> ne trouvera pas "
+"l'utilisateur avant que <command>getent passwd test@LOCAL</command> ne le "
+"trouve."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1221
+#, fuzzy
+#| msgid "ipa_netgroup_member_user (string)"
+msgid "ignore_group_members (bool)"
+msgstr "ipa_netgroup_member_user (chaîne)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr "auth_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
"Le fournisseur d'authentification utilisé pour le domaine. Les fournisseurs "
-"autorisés sont :"
+"pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
-"<quote>ldap</quote> pour une authentification LDAP native. Voir "
+"<quote>ldap</quote> pour une authentification LDAP native. Cf. "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> pour plus d'informations sur la configuration de "
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring Kerberos."
msgstr ""
-"<quote>krb5</quote> pour une authentification Kerberos. Voir <citerefentry> "
+"<quote>krb5</quote> pour une authentification Kerberos. Cf. <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> pour plus d'informations sur la configuration de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
@@ -1751,105 +1967,107 @@ msgstr ""
"PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> désactive l'authentification explicitement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
-"Par défaut : <quote>id_provider</quote> est utilisé s'il est définit et peut "
+"Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut "
"gérer les requêtes d'authentification."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr "access_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
"Internal special providers are:"
msgstr ""
"Le fournisseur de contrôle d'accès utilisé pour le domaine. Il y a deux "
-"fournisseurs d'accès préconstruits (en plus de ceux disponibles en arrière-"
-"plan). Les fournisseurs internes spécifiques sont :"
+"fournisseurs d'accès natifs (en plus de ceux disponibles dans les moteurs "
+"installés). Les fournisseurs internes spécifiques sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
+"<quote>permit</quote> toujours autoriser l'accès. C'est le seul fournisseur "
+"d'accès autorisé pour un domaine local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
-msgstr "<quote>deny</quote> refuser l'accès de manière permanente.."
+msgstr "<quote>deny</quote> toujours refuser les accès."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry> for more information on configuring the simple "
"access module."
msgstr ""
-"Contrôle d'accès <quote>simple</quote> basé sur des listes d'accès ou de "
-"refus. Voir <citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
-"<manvolnum>5</manvolnum></citerefentry> pour plus d'informations sur la "
-"configuration du module d'accès simple."
+"Contrôle d'accès <quote>simple</quote> basé sur des listes d'autorisations "
+"ou de refus d'accès. Cf. <citerefentry> <refentrytitle>sssd-simple</"
+"refentrytitle> <manvolnum>5</manvolnum></citerefentry> pour plus "
+"d'informations sur la configuration du module d'accès simple."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr "Par défaut : <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr "chpass_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
-"Le fournisseur qui devrait gérer le changement des mots de passe pour le "
-"domaine. Les fournisseurs acceptés sont :"
+"Le fournisseur qui doit gérer le changement des mots de passe pour le "
+"domaine. Les fournisseurs pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring LDAP."
msgstr ""
-"<quote>ldap</quote> pour changer le mot de passe stocké sur un serveur LDAP. "
-"Voir <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
-"manvolnum> </citerefentry> pour plus d'informations sur la configuration du "
-"serveur LDAP."
+"<quote>ldap</quote> pour modifier un mot de passe stocké sur un serveur "
+"LDAP. Cf. <citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> pour plus d'informations sur la "
+"configuration LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring Kerberos."
msgstr ""
-"<quote>krb5</quote> pour changer le mot de passe Kerberos. Voir "
+"<quote>krb5</quote> pour changer le mot de passe Kerberos. Cf. "
"<citerefentry> <refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> pour plus d'informations sur la configuration de "
"Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -1857,210 +2075,262 @@ msgstr ""
"autre cible PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
-"<quote>none</quote> désactiver le changement de mot de passe explicitement."
+"<quote>none</quote> pour désactiver explicitement le changement de mot de "
+"passe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
-"Par défaut : <quote>auth_provider</quote> est utilisé si il est définit et "
+"Par défaut : <quote>auth_provider</quote> est utilisé si il est défini et "
"peut gérer les changements de mot de passe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
-msgstr ""
+msgstr "sudo_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
+"Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en "
+"charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
+"<quote>ldap</quote> pour les règles stockés dans LDAP. Voir "
+"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> pour plus d'informations sur la configuration de "
+"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
-msgstr ""
+msgstr "<quote>none</quote> désactive explicitement SUDO."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle "
"est définie."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
-msgstr ""
+msgstr "selinux_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
"providers are:"
msgstr ""
+"Le fournisseur qui doit gérer le chargement des paramètres de selinux. "
+"Remarque : ce fournisseur sera appelé juste après la fin de l'appel au "
+"fournisseur d'accès. Les fournisseurs selinux pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
+"<quote>ipa</quote> pour charger les paramètres selinux depuis un serveur "
+"IPA. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> pour plus d'informations sur la configuration de "
+"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
+"<quote>none</quote> n'autorise pas la récupération explicite des paramètres "
+"selinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
+"Par défaut : <quote>id_provider</quote> est utilisé s'il est défini et peut "
+"gérer le chargement selinux"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
-msgstr ""
+msgstr "subdomains_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
+#, fuzzy
+#| msgid ""
+#| "The provider which should handle fetching of subdomains. This value "
+#| "should be always the same as id_provider. Supported subdomain providers "
+#| "are:"
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
+"Le fournisseur doit être capable de gérer la récupération des sous-"
+"domaines. Cette valeur doit être toujours identique à id_provider. Les "
+"fournisseurs de sous-domaine pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
+"<quote>ipa</quote> pour charger une liste de sous-domaines depuis un serveur "
+"IPA. Cf. <citerefentry><refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> pour plus d'informations sur la configuration de "
+"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr "Par défaut : aucun"
+"<quote>none</quote> désactive la récupération explicite des sous-domaines."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
-msgstr ""
+msgstr "autofs_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
+"Le fournisseur autofs utilisé pour le domaine. Les fournisseurs autofs pris "
+"en charge sont&nbsp;:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring LDAP."
msgstr ""
+"<quote>ldap</quote> pour charger les cartes stockées dans LDAP. Cf. "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> pour plus d'informations sur la configuration de "
+"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> for more information on configuring IPA."
msgstr ""
+"<quote>ipa</quote> pour charger les cartes stockées sur un serveur IPA. Cf. "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> pour plus d'information sur la configuration de "
+"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
-msgstr ""
+msgstr "<quote>none</quote> désactive explicitement autofs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
-msgstr ""
+msgstr "hostid_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
+"Le fournisseur utilisé pour récupérer les informations d'identité des "
+"systèmes. Les fournisseurs de hostid pris en charge sont&nbsp;:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> for more information on configuring IPA."
msgstr ""
+"<quote>ipa</quote> pour charge l'identité du système stockée sur un serveur "
+"IPA. Cf. <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> pour plus d'informations sur la "
+"configuration de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
-msgstr ""
+msgstr "<quote>none</quote> désactive explicitement hostid."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
+"Expressions rationnelles qui décrivent la manière d'analyser les chaînes "
+"contenant les informations utilisateur et domaine dans ces composants."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
"P&lt;name&gt;[^@\\\\]+)$))</quote> which allows three different styles for "
"user names:"
msgstr ""
+"Valeur par défaut pour les fournisseurs AD et IPA : <quote>(((?P&lt;"
+"domain&gt;[^\\\\]+)\\\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;"
+"domain&gt;.+$))|(^(?P&lt;name&gt;[^@\\\\]+)$))</quote> qui utilisent trois "
+"styles différents pour les noms d'utilisateurs :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
-msgstr ""
+msgstr "username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
-msgstr ""
+msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
-msgstr ""
+msgstr "domain\\username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
+"Bien que les deux premiers correspondent à la valeur par défaut en général "
+"le troisième est introduit pour permettre une intégration facile des "
+"utilisateurs de domaines Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2071,46 +2341,49 @@ msgstr ""
"importe le domaine après »"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
"version 7 or higher can support non-unique named subpatterns."
msgstr ""
-"REMARQUE : le support pour des sous-modèle de noms non-uniques n'est pas "
-"disponibles sur certaines plateformes (e.g. RHEL5 et SLES10). Seules les "
-"plateformes avec libpcre en version 7 ou supérieure supportent cette "
-"fonction."
+"REMARQUE : la prise en charge de sous-motifs nommés multiples n'est pas "
+"disponible sur certaines plates-formes (par exemple, RHEL5 et SLES10). "
+"Seules les plates-formes avec libpcre version 7 ou supérieure peuvent "
+"prendre en charge les sous-motifs nommés multiples."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
-"AUTRE REMARQUE : les anciennes versions de libpcrene supportent que la "
-"syntaxe Python (?P&lt;name&gt;) pour nommer les sous-modèles."
+"REMARQUE ADDITIONNELLE : les anciennes versions de libpcre ne supportent que "
+"la syntaxe Python (?P&lt;name&gt;) pour nommer les sous-motifs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
"a (name, domain) tuple for this domain into a fully qualified name."
msgstr ""
+"Un format compatible avec <citerefentry> <refentrytitle>printf</"
+"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> décrivant la "
+"traduction (nom, domaine) d'un tuple en un domaine pleinement qualifé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Par défaut : <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2119,143 +2392,156 @@ msgstr ""
"utiliser pour effectuer les requêtes DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
-msgstr "Valeurs autorisées :"
+msgstr "Valeurs prises en charge :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
-"ipv4_first : essaye de chercher une IPv4, si ça échoue, essaye une IPv6."
+"ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, "
+"essayer IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
-"ipv4_only : ne tente de résoudre que les noms de domaines en adresses IPv4."
+"ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
-"ipv6_first : essaye de chercher une IPv6, si ça échoue, essaye une IPv4."
+"ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter "
+"IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
-"ipv6_only : ne tente de résoudre que les noms de domaines en adresses IPv6."
+"ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr "Par défaut : ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
"the domain will continue to operate in offline mode."
msgstr ""
-"Définit le temps (en secondes) à attendre la réponse de l'interpréteur DNS "
-"avant de considérer qu'il est injoignable. Si ce délai maximum est atteint, "
-"le domaine continuera en mode déconnecté."
+"Délai (en secondes) d'attente de la réponse du résolveur DNS avant de "
+"considérer qu'il est injoignable. Si ce délai maximum est atteint, le "
+"domaine continuera à opérer en mode déconnecté."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
-"Si le service de recherche est utilisé comme programme principal, on "
-"spécifie ainsi la partie du domaine faisant partie du service de recherche "
-"de DNS."
+"Si la découverte de services est utilisé par le moteur, spécifie la partie "
+"du domaine faisant partie de la requête DNS de découverte de services."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
-"Par défaut : utilise la partie du domaine qui est dans le nom d'hôte de la "
-"machine."
+"Par défaut : utiliser la partie du domaine qui est dans le nom de système de "
+"la machine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr "override_gid (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr "Redéfinit le GID primaire avec la valeur spécifiée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
+"Traiter les utilisateur et les noms de groupes comme sensible à la casse. "
+"Actuellement, cette option n'est pas supportée dans le fournisseur local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr "Par défaut : True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
-msgstr ""
+msgstr "proxy_fast_alias (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
"name was an alias. Setting this option to true would cause the SSSD to "
"perform the ID lookup from cache for performance reasons."
msgstr ""
+"Quand un utilisateur ou un groupe est recherché par son nom dans le "
+"fournisseur proxy, une deuxième recherche par ID est effectuée pour "
+"récupérer le nom canonique, dans le cas où le nom demandé serait un alias. "
+"Cette option positionnée à true active la recherche par l'ID dans le cache "
+"afin d'améliorer les performances."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
-msgstr ""
+msgstr "subdomain_homedir (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
+"Utiliser ce répertoire utilisateur comme valeur par défaut pour tous les "
+"sous-domaines dans ce domaine. Voir <emphasis>override_homedir</emphasis> "
+"pour des informations sur les valeurs possibles."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
+"La valeur peut être surchargée par l'option <emphasis>override_homedir</"
+"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Par défaut : <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2267,42 +2553,42 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
-msgstr "Le proxy cible auquel PAM devient mandataire."
+msgstr "Le proxy cible duquel PAM devient mandataire."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
-"Par défaut : non défini, vous devez prendre une configuration de pam "
-"exsitante ou créer une nouvelle et ajouter le nom de service ici."
+"Par défaut : non défini, il faut utiliser une configuration de pam existante "
+"ou en créer une nouvelle et ajouter le nom de service ici."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
"for example _nss_files_getpwent."
msgstr ""
"Le nom de la bibliothèque NSS à utiliser dans les domaines proxy. Les "
-"recherches de fonctions NSS dans la bibliothèque sont sous la forme de _nss_"
+"recherches de fonctions NSS dans la bibliothèque sont sous la forme _nss_"
"$(libName)_$(function), par exemple _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2311,12 +2597,12 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr "La section du domaine local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2327,48 +2613,48 @@ msgstr ""
"dire un domaine qui utilise <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr "default_shell (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"L'interpréteur de commandes par défaut pour les utilisateurs créés avec les "
-"outils de l'espace utilisateur SSSD."
+"outils en espace utilisateur SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Par défaut : <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr "base_directory (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
"Les outils ajoutent le nom d'utilisateur à <replaceable>base_directory</"
-"replaceable> et l'utilise comme dossier personnel."
+"replaceable> et l'utilisent comme dossier personnel."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr "Par défaut : <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr "create_homedir (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2377,31 +2663,31 @@ msgstr ""
"utilisateurs. Peut être outrepassé par la ligne de commande."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr "Par défaut : TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr "remove_homedir (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
-"Indiquer si un dossier personnel doit être supprimé par défaut à la "
+"Indiquer si un dossier personnel doit par défaut être supprimé à la "
"suppression des utilisateurs. Peut être outrepassé par la ligne de commande."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr "homedir_umask (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2412,17 +2698,17 @@ msgstr ""
"défaut sur un répertoire personnel nouvellement créé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr "Par défaut : 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr "skel_dir (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2435,60 +2721,60 @@ msgstr ""
"manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Par défaut : <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr "mail_dir (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
"default value is used."
msgstr ""
"Le répertoire de gestion des e-mails. Nécessaire pour manipuler les boîtes e-"
-"mail quand l'utilisateur est modifié ou supprimé. Si non précisé, une valeur "
-"par défaut est utilisée."
+"mail quand les comptes utilisateurs sont modifiés ou supprimés. Si non "
+"précisé, la valeur par défaut est utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr "Par défaut : <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
"return code of the command is not taken into account."
msgstr ""
-"La commande exécutée quand un utilisateur est supprimé. La commande a comme "
-"seul argument l'utilisateur qui doit être supprimé. Le code en retour de la "
-"commande n'est pas pris en compte."
+"La commande qui est exécutée quand un utilisateur est supprimé. La commande "
+"a comme seul argument le nom de l'utilisateur qui doit être supprimé. Le "
+"code en retour de la commande n'est pas pris en compte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr "Par défaut : None, aucune commande lancée"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr "EXEMPLE"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2542,7 +2828,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2577,7 +2863,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:35
msgid "You can configure SSSD to use more than one LDAP domain."
-msgstr "Vous pouvez configurer SSSD pour utiliser plus d'un domaine LDAP."
+msgstr ""
+"Il est possible de configurer SSSD pour utiliser plus d'un domaine LDAP."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:38
@@ -2592,15 +2879,15 @@ msgid ""
msgstr ""
"Le moteur de traitement LDAP prend en charge les fournisseurs id, auth, "
"access et chpass. Si vous voulez vous authentifier sur un serveur LDAP, il "
-"vous faut TLS/SSL ou LDAPS. <command>sssd</command> <emphasis>ne supporte "
-"pas</emphasis> l'authentification sur un canal non chiffré. Si le serveur "
-"LDAP est utilisé seulement comme fournisseur d'identité, un canal crypté "
-"n'est pas nécessaire. Se référer aux options de configurations "
+"vous faut utiliser TLS/SSL ou LDAPS. <command>sssd</command> <emphasis>ne "
+"prend pas en charge</emphasis> l'authentification sur un canal non chiffré. "
+"Si le serveur LDAP est utilisé seulement comme fournisseur d'identité, un "
+"canal crypté n'est pas nécessaire. Se référer aux options de configurations "
"<quote>ldap_access_filter</quote> pour plus d'information sur l'utilisation "
"en tant que fournisseur d'accès."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr "OPTIONS DE CONFIGURATION"
@@ -2608,7 +2895,7 @@ msgstr "OPTIONS DE CONFIGURATION"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:60
msgid "ldap_uri, ldap_backup_uri (string)"
-msgstr ""
+msgstr "ldap_uri, ldap_backup_uri (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
@@ -2619,6 +2906,12 @@ msgid ""
"neither option is specified, service discovery is enabled. For more "
"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
+"Spécifie par ordre de préférence la liste séparée par des virgules d'URI des "
+"serveurs LDAP auquel doit se connecter SSSD. Se reporter à la section de "
+"<quote>BASCULEMENT</quote> pour plus d'informations sur le basculement et la "
+"redondance de serveurs. Si aucune de ces options n'est spécifiée, la "
+"découverte d'un service est activé. Pour plus d'informations, se reporter à "
+"la section de <quote>DÉCOUVERTE DE SERVICE</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:70
@@ -2647,7 +2940,7 @@ msgstr "exemple : ldap://[fc00::126:25]:389"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:85
msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)"
-msgstr ""
+msgstr "ldap_chpass_uri, ldap_chpass_backup_uri (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:88
@@ -2657,18 +2950,22 @@ msgid ""
"Refer to the <quote>FAILOVER</quote> section for more information on "
"failover and server redundancy."
msgstr ""
+"Spécifie la liste d'URI séparée par des virgules des serveurs LDAP auquel "
+"doit se connecter DSSD par ordre de préférence pour changer le mot de passe "
+"d'un utilisateur. Reportez-vous à la section de <quote>basculement</quote> "
+"pour plus d'informations sur le repli et la redondance de serveurs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:95
msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
msgstr ""
-"Pour activer la recherche de service ldap_chpass_dns_service_name doit être "
-"défini."
+"Pour activer la découverte de services, ldap_chpass_dns_service_name doit "
+"être défini."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:99
msgid "Default: empty, i.e. ldap_uri is used."
-msgstr "Par défaut : vide, c'est-à-dire ldap_uri est utilisé."
+msgstr "Par défaut : vide, ldap_uri est donc utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:105
@@ -2679,8 +2976,8 @@ msgstr "ldap_search_base (chaîne)"
#: sssd-ldap.5.xml:108
msgid "The default base DN to use for performing LDAP user operations."
msgstr ""
-"La base DN par défaut à utiliser pour effectuer les opérations LDAP "
-"utilisateur."
+"Le DN de base par défaut à utiliser pour effectuer les opérations LDAP sur "
+"les utilisateurs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:112
@@ -2694,12 +2991,12 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:116
msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
-msgstr ""
+msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:119
msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
-msgstr ""
+msgstr "La portée peut être l'une des « base », « onelevel » ou « subtree »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:122
@@ -2707,6 +3004,8 @@ msgid ""
"The filter must be a valid LDAP search filter as specified by http://www."
"ietf.org/rfc/rfc2254.txt"
msgstr ""
+"Le filtre doit être un filtre de recherche LDAP valide tel que spécifié par "
+"http://www.ietf.org/rfc/rfc2254.txt"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:126
@@ -2719,6 +3018,8 @@ msgid ""
"ldap_search_base = dc=example,dc=com (which is equivalent to) "
"ldap_search_base = dc=example,dc=com?subtree?"
msgstr ""
+"ldap_search_base = dc=example,dc=com (ce qui équivaut à) ldap_search_base = "
+"dc=example,dc=com?subtree?"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:134
@@ -2726,6 +3027,8 @@ msgid ""
"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
"(host=thishost)?dc=example.com?subtree?"
msgstr ""
+"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
+"(host=thishost)?dc=example.com?subtree?"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:137
@@ -2735,6 +3038,10 @@ msgid ""
"different search bases). This will lead to unpredictable behavior on client "
"machines."
msgstr ""
+"Remarque : Il est n'est pas possible d'avoir plusieurs bases de recherche "
+"qui référencent des objets portant le même nom (par exemple, les groupes "
+"portant le même nom dans deux bases de recherche différents). Cela conduira "
+"à un comportement imprévisible sur les ordinateurs clients."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:144
@@ -2746,6 +3053,12 @@ msgid ""
"the search base of the LDAP server to make this work. Multiple values are "
"are not supported."
msgstr ""
+"Par défaut : si non définie, les valeurs des attributs defaultNamingContext "
+"ou namingContexts du RootDSE du serveur LDAP sont utilisées. Si "
+"defaultNamingContext n'existe pas ou a une valeur vide, namingContexts est "
+"utilisé. Les attributs namingContexts doivent avoir une seule valeur avec un "
+"DN de base de recherche pour le serveur LDAP pour que cela fonctionne. Des "
+"valeurs multiples ne sont pas permises."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:158
@@ -2759,31 +3072,35 @@ msgid ""
"the selected schema, the default attribute names retrieved from the servers "
"may vary. The way that some attributes are handled may also differ."
msgstr ""
+"Spécifie le type de schéma utilisé sur le serveur LDAP cible. Selon le "
+"schéma sélectionné, les noms d'attributs par défaut provenant des serveurs "
+"peuvent varier. La manière dont certains attributs sont traités peut-être "
+"également différer."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:168
msgid "Four schema types are currently supported:"
-msgstr ""
+msgstr "Quatre types de schéma sont actuellement pris en charge :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:172
msgid "rfc2307"
-msgstr ""
+msgstr "rfc2307"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:177
msgid "rfc2307bis"
-msgstr ""
+msgstr "rfc2307bis"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:182
msgid "IPA"
-msgstr ""
+msgstr "IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:187
msgid "AD"
-msgstr ""
+msgstr "AD"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:193
@@ -2795,6 +3112,13 @@ msgid ""
"attribute. The AD schema type sets the attributes to correspond with Active "
"Directory 2008r2 values."
msgstr ""
+"La principale différence entre ces types de schéma est la façon dont les "
+"appartenances aux groupes sont enregistrés dans le serveur. Avec rfc2307, "
+"les membres du groupe sont répertoriées par nom dans l'attribut "
+"<emphasis>memberUid</emphasis>. Avec rfc2307bis et IPA, les membres du "
+"groupe sont répertoriés par DN et stockées dans l'attribut de "
+"<emphasis>member</emphasis>. Le type de schéma AD définit les attributs "
+"correspondant aux valeurs d'Active Directory 2008r2."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:203
@@ -2810,7 +3134,7 @@ msgstr "ldap_default_bind_dn (chaîne)"
#: sssd-ldap.5.xml:212
msgid "The default bind DN to use for performing LDAP operations."
msgstr ""
-"La liaison DN par défaut à utiliser pour effectuer les opérations LDAP."
+"Le DN de connexion par défaut à utiliser pour effectuer les opérations LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:219
@@ -2820,7 +3144,8 @@ msgstr "ldap_default_authtok_type (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:222
msgid "The type of the authentication token of the default bind DN."
-msgstr "Le type de jeton d'authentification pour le lien DN par défaut."
+msgstr ""
+"Le type de jeton d'authentification pour le DN de connexion par défaut."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:226
@@ -2853,8 +3178,8 @@ msgid ""
"The authentication token of the default bind DN. Only clear text passwords "
"are currently supported."
msgstr ""
-"Le jeton d'authentification pour le lien DN par défaut. Seulement des mots "
-"de passe en clair sont actuellement pris en charge."
+"Le jeton d'authentification pour le DN de connexion par défaut. Seuls les "
+"mots de passe en clair sont actuellement pris en charge."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:251
@@ -2864,12 +3189,12 @@ msgstr "ldap_user_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:254
msgid "The object class of a user entry in LDAP."
-msgstr "La classe objet d'une entrée utilisateur dans LDAP."
+msgstr "La classe d'objet d'une entrée utilisateur dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:257
msgid "Default: posixAccount"
-msgstr "Par défaut: posixAccount"
+msgstr "Par défaut : posixAccount"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:263
@@ -2879,7 +3204,8 @@ msgstr "ldap_user_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:266
msgid "The LDAP attribute that corresponds to the user's login name."
-msgstr "l'attribut LDAP correspondant au nom de connexion utilisateur."
+msgstr ""
+"L'attribut LDAP correspondant à l'identifiant de connexion de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:270
@@ -2894,7 +3220,7 @@ msgstr "ldap_user_uid_number (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:279
msgid "The LDAP attribute that corresponds to the user's id."
-msgstr "L'attribut LDAP correspondant à l'id utilisateur."
+msgstr "L'attribut LDAP correspondant à l'id de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:283
@@ -2910,7 +3236,7 @@ msgstr "ldap_user_gid_number (chaîne)"
#: sssd-ldap.5.xml:292
msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
-"L'attribut LDAP correspondant à l'utilisateur ayant l'id du groupe primaire."
+"L'attribut LDAP correspondant à l'id du groupe primaire de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
@@ -2946,7 +3272,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:322
msgid "Default: homeDirectory"
-msgstr "Par défaut : Répertoire_personnel"
+msgstr "Par défaut : homeDirectory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:328
@@ -2974,7 +3300,7 @@ msgstr "ldap_user_uuid (chaîne)"
#: sssd-ldap.5.xml:344
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
-"L'attribut LDAP qui contient les UUID/GUID d'un objet utilisateur LDAP."
+"L'attribut LDAP qui contient les UUID/GUID d'un objet LDAP utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
@@ -2984,7 +3310,7 @@ msgstr "Par défaut : nsUniqueId"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:354
msgid "ldap_user_objectsid (string)"
-msgstr ""
+msgstr "ldap_user_objectsid (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:357
@@ -2992,6 +3318,8 @@ msgid ""
"The LDAP attribute that contains the objectSID of an LDAP user object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
+"L'attribut LDAP qui contient l'objectSID d'un objet d'utilisateur LDAP. Ceci "
+"n'est habituellement nécessaire que pour les serveurs Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
@@ -3032,10 +3360,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of "
"the last password change)."
msgstr ""
-"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de "
-"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</"
-"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (date de changement "
-"du dernier mot de passe)."
+"Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le "
+"nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> (date de changement du dernier mot de passe)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:395
@@ -3055,10 +3383,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum "
"password age)."
msgstr ""
-"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de "
-"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</"
-"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (durée de validité "
-"minimum du mot de passe)."
+"Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le "
+"nom de l'attribut LDAP correspondant à sa contrepartie<citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> (durée de validité minimum du mot de passe)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:413
@@ -3078,10 +3406,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum "
"password age)."
msgstr ""
-"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de "
-"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</"
-"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (âge maximum du mot "
-"de passe)."
+"Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le "
+"nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> (âge maximum du mot de passe)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:431
@@ -3101,10 +3429,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
"(password warning period)."
msgstr ""
-"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de "
-"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</"
-"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (période "
-"d'avertissement du mot de passe)."
+"Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le "
+"nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> (période d'avertissement du mot de passe)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:450
@@ -3124,10 +3452,10 @@ msgid ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
"(password inactivity period)."
msgstr ""
-"En utilisant ldap_pwd_policy=shadow, ce paramètre contient le nom de "
-"l'attribut LDAP correspondant à <citerefentry> <refentrytitle>shadow</"
-"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> (période "
-"d'inactivité du mot de passe)."
+"Lors de l'utilisation de ldap_pwd_policy=shadow, ce paramètre contient le "
+"nom de l'attribut LDAP correspondant à sa contrepartie <citerefentry> "
+"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> (période d'inactivité du mot de passe)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:469
@@ -3147,8 +3475,9 @@ msgid ""
"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> counterpart (account expiration date)."
msgstr ""
-"En utilisant ldap_pwd_policy=shadow ou ldap_account_expire_policy=shadow, ce "
-"paramètre contient le nom de l'attribut LDAP correspondant à <citerefentry> "
+"Lors de l'utilisation de ldap_pwd_policy=shadow ou "
+"ldap_account_expire_policy=shadow, ce paramètre contient le nom de "
+"l'attribut LDAP correspondant à sa contrepartie <citerefentry> "
"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> (date d'expiration du compte)."
@@ -3169,9 +3498,9 @@ msgid ""
"an LDAP attribute storing the date and time of last password change in "
"kerberos."
msgstr ""
-"En utilisant ldap_pwd_policy=mit_kerberos, ce paramètre contient le nom d'un "
-"attribut LDAP stockant la date et l'heure du dernier changement de mot de "
-"passe dans kerberos."
+"Lors de l'utilisation de ldap_pwd_policy=mit_kerberos, ce paramètre contient "
+"le nom de l'attribut LDAP stockant la date et l'heure du dernier changement "
+"de mot de passe dans kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:503
@@ -3189,9 +3518,9 @@ msgid ""
"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
"an LDAP attribute storing the date and time when current password expires."
msgstr ""
-"En utilisant ldap_pwd_policy=mit_kerberos, ce paramètre contient le nom d'un "
-"attribut LDAP stockant la date et l'heure d'expiration du mot de passe "
-"actuel."
+"Lors de l'utilisation de ldap_pwd_policy=mit_kerberos, ce paramètre contient "
+"le nom de l'attribut LDAP stockant la date et l'heure d'expiration du mot de "
+"passe actuel."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:518
@@ -3209,8 +3538,8 @@ msgid ""
"When using ldap_account_expire_policy=ad, this parameter contains the name "
"of an LDAP attribute storing the expiration time of the account."
msgstr ""
-"En utilisant ldap_account_expire_policy=ad, ce paramètre contient le nom "
-"d'un attribut LDAP stockant la date d'expiration du compte."
+"Lors de l'utilisation de ldap_account_expire_policy=ad, ce paramètre "
+"contient le nom d'un attribut LDAP stockant la date d'expiration du compte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:532
@@ -3318,7 +3647,7 @@ msgid ""
"The LDAP attribute that contains the user's Kerberos User Principal Name "
"(UPN)."
msgstr ""
-"L'attribut LDAP qui contient le nom principal d'utilisateur (UPN) Kerberos "
+"L'attribut LDAP contenant le nom du principal d'utilisateur (UPN) Kerberos "
"de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -3329,12 +3658,12 @@ msgstr "Par défaut : krbPrincipalName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:620
msgid "ldap_user_ssh_public_key (string)"
-msgstr ""
+msgstr "ldap_user_ssh_public_key (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:623
msgid "The LDAP attribute that contains the user's SSH public keys."
-msgstr ""
+msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:630
@@ -3349,10 +3678,10 @@ msgid ""
"fail. Set this option to a non-zero value if you want to use an upper-case "
"realm."
msgstr ""
-"Quelques répertoires serveur, par exemple Active Directory, peuvent délivrer "
-"la partie réelle de l'UPN en minuscule, ce qui peut faire échouer "
+"Certains serveurs d'annuaire, comme par exemple Active Directory, peuvent "
+"délivrer la partie domaine de l'UPN en minuscules, ce qui peut faire échouer "
"l'authentification. Définir cette option à une valeur non nulle pour "
-"utiliseur une version en majuscule."
+"utiliser un nom de domaine en majuscules."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:646
@@ -3365,11 +3694,13 @@ msgid ""
"Specifies how many seconds SSSD has to wait before refreshing its cache of "
"enumerated records."
msgstr ""
+"Spécifie la durée en secondes pendant laquelle SSSD doit attendre avant "
+"d'actualiser son cache d\"énumération d'enregistrements."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:660
msgid "ldap_purge_cache_timeout (integer)"
-msgstr ""
+msgstr "ldap_purge_cache_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:663
@@ -3378,9 +3709,9 @@ msgid ""
"with no members and users who have never logged in) and remove them to save "
"space."
msgstr ""
-"Déterminer la fréquence pour vérifier le cache pour des entrées inactives "
-"(telles que les groupes sans membres et utilisateurs qui ne se sont jamais "
-"connectés) et les supprimer pour sauvegarder de l'espace."
+"Détermine la fréquence de vérification de la présence d'entrées inactives "
+"dans le cache (telles que groupes sans membres et utilisateurs ne s'étant "
+"jamais connectés) et de suppression pour économiser de l'espace."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:669
@@ -3401,12 +3732,12 @@ msgstr "ldap_user_fullname (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:682
msgid "The LDAP attribute that corresponds to the user's full name."
-msgstr "L'attribut LDAP qui correspond au nom complet de l'utilisateur."
+msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr "Par défaut : cn"
@@ -3418,10 +3749,11 @@ msgstr "ldap_user_member_of (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:695
msgid "The LDAP attribute that lists the user's group memberships."
-msgstr "L'attribut LDAP qui liste l'appartenance au groupe de l'utilisateur."
+msgstr ""
+"L'attribut LDAP énumérant les groupes auquel appartient un utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr "Par défaut : memberOf"
@@ -3437,8 +3769,8 @@ msgid ""
"use the presence of the authorizedService attribute in the user's LDAP entry "
"to determine access privilege."
msgstr ""
-"Si access_provider=ldap et ldap_access_order=authorized_service, SSSD "
-"utilisera la présence de l'attribut authorizedService dans l'entrée LDAP de "
+"Lorsque access_provider=ldap et ldap_access_order=authorized_service, SSSD "
+"utilise la présence de l'attribut authorizedService dans l'entrée LDAP de "
"l'utilisateur pour déterminer les autorisations d'accès."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -3448,7 +3780,7 @@ msgid ""
"explicit allow (svc) and finally for allow_all (*)."
msgstr ""
"Le refus explicite (!svc) est résolu en premier. Ensuite, SSSD cherche une "
-"autorisation explicite (svc) et enfin toutes les autorisations (*)."
+"autorisation explicite (svc) et enfin allow_all (*)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
@@ -3493,7 +3825,7 @@ msgstr "ldap_group_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:749
msgid "The object class of a group entry in LDAP."
-msgstr "La classe objet d'une entrée de groupe dans LDAP."
+msgstr "La classe d'objet d'une entrée de groupe dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:752
@@ -3508,7 +3840,7 @@ msgstr "ldap_group_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:761
msgid "The LDAP attribute that corresponds to the group name."
-msgstr "L'attribut LDAP qui correspond au nom du groupe."
+msgstr "L'attribut LDAP correspondant au nom du groupe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:771
@@ -3518,7 +3850,7 @@ msgstr "ldap_group_gid_number (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:774
msgid "The LDAP attribute that corresponds to the group's id."
-msgstr "L'attribut LDAP qui correspond à l'identifiant de groupe."
+msgstr "L'attribut LDAP correspondant à l'identifiant de groupe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:784
@@ -3528,12 +3860,12 @@ msgstr "ldap_group_member (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:787
msgid "The LDAP attribute that contains the names of the group's members."
-msgstr "L'attribut LDAP qui contient les noms des membres de groupe."
+msgstr "L'attribut LDAP contenant les noms des membres du groupe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:791
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
-msgstr "Par défaut : uid de membre (rfc2307) / membre (rfc2307bis)"
+msgstr "Par défaut : memberuid (rfc2307) / member (rfc2307bis)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:797
@@ -3543,12 +3875,12 @@ msgstr "ldap_group_uuid (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:800
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
-msgstr "L'attribut LDAP qui contient les UUID/GUID d'un groupe objet LDAP."
+msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet groupe LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:810
msgid "ldap_group_objectsid (string)"
-msgstr ""
+msgstr "ldap_group_objectsid (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:813
@@ -3556,6 +3888,8 @@ msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
+"L'attribut LDAP qui contient l'objectSID d'un objet de groupe LDAP. Ceci "
+"n'est habituellement nécessaire que pour les serveurs Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:825
@@ -3574,9 +3908,10 @@ msgid ""
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
"follow. This option has no effect on the RFC2307 schema."
msgstr ""
-"Si ldap_schema est définit comme un format qui supporte les groupes liés (e."
-"g. RFC2307bis), alors cette option contrôle le nombre de niveaux liés SSSD à "
-"suivre. Cette option n'a pas d'effet sur le schéma RFC2307."
+"Si ldap_schema est défini comme un format prenant en charge les groupes "
+"imbriqués (par exemple RFC2307bis), alors cette option contrôle le nombre de "
+"niveaux d'imbrication que SSSD suivra. Cette option n'a pas d'effet sur le "
+"schéma RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:848
@@ -3586,7 +3921,7 @@ msgstr "Par défaut : 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:854
msgid "ldap_groups_use_matching_rule_in_chain"
-msgstr ""
+msgstr "ldap_groups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:857
@@ -3595,6 +3930,10 @@ msgid ""
"feature which may speed up group lookup operations on deployments with "
"complex or deep nested groups."
msgstr ""
+"Cette option indique à SSSD de tirer parti d'une fonctionnalité Active "
+"Directory spécifique qui peut accélérer les opérations de recherche de "
+"groupe sur les déploiements utilisant des groupes profondément imbriqués et "
+"complexes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:863
@@ -3602,6 +3941,9 @@ msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
+"Dans la plupart des cas, il est préférable de laisser cette option "
+"désactivée. Elle ne fournit une augmentation des performances que sur les "
+"imbrications très complexes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
@@ -3610,6 +3952,9 @@ msgid ""
"supports it during initial connection. So \"True\" here essentially means "
"\"auto-detect\"."
msgstr ""
+"Si cette option est activée, SSSD l'utilisera s'il détecte que le serveur la "
+"prend en charge au cours de la connexion initiale. Ainsi, « true » signifie "
+"essentiellement « auto-detect »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
@@ -3619,17 +3964,21 @@ msgid ""
"windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> "
"for more details."
msgstr ""
+"Remarque : Cette fonctionnalité fonctionne uniquement avec Active Directory "
+"2008 R1 et versions suivantes. Consulter <ulink url=\"http://msdn.microsoft."
+"com/en-us/library/windows/desktop/aa746475%28v=vs.85%29.aspx\">la "
+"documentation de MSDN(TM)</ulink> pour plus de détails."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr "Par défaut : False"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:886
msgid "ldap_initgroups_use_matching_rule_in_chain"
-msgstr ""
+msgstr "ldap_initgroups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:889
@@ -3638,6 +3987,10 @@ msgid ""
"feature which might speed up initgroups operations (most notably when "
"dealing with complex or deep nested groups)."
msgstr ""
+"Cette option indique à SSSD de tirer parti d'une fonctionnalité Active "
+"Directory spécifique qui peut accélérer les opérations initgroups (le plus "
+"souvent lors de l'utilisation de groupes profondément imbriqués ou "
+"complexes)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:913
@@ -3647,12 +4000,14 @@ msgstr "ldap_netgroup_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:916
msgid "The object class of a netgroup entry in LDAP."
-msgstr "La classe d'objet d'une entrée de groupe réseau dans LDAP."
+msgstr "La classe d'objet d'une entrée de netgroup dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:919
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
+"Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la "
+"place."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:923
@@ -3667,7 +4022,7 @@ msgstr "ldap_netgroup_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:932
msgid "The LDAP attribute that corresponds to the netgroup name."
-msgstr "L'attribut LDAP qui correspond au nom du groupe réseau."
+msgstr "L'attribut LDAP correspondant au nom du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:936
@@ -3683,7 +4038,7 @@ msgstr "ldap_netgroup_member (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:949
msgid "The LDAP attribute that contains the names of the netgroup's members."
-msgstr "L'attribut LDAP qui contient les noms des membres de groupe réseau."
+msgstr "L'attribut LDAP contenant les noms des membres du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:953
@@ -3706,8 +4061,8 @@ msgstr "ldap_netgroup_triple (chaîne)"
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
-"L'attribut LDAP qui contient le triplet (hôte, utilisateur, domaine) d'un "
-"groupe réseau."
+"L'attribut LDAP contenant les triplets (hôte, utilisateur, domaine) d'un "
+"netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
@@ -3728,8 +4083,7 @@ msgstr "ldap_netgroup_uuid (chaîne)"
#: sssd-ldap.5.xml:982
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
-msgstr ""
-"L'attribut LDAP qui contient les UUID/GUID d'un objet LDAP de groupe réseau."
+msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet netgroup LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:986
@@ -3745,12 +4099,12 @@ msgstr "ldap_netgroup_modify_timestamp (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1012
msgid "ldap_service_object_class (string)"
-msgstr ""
+msgstr "ldap_service_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1015
msgid "The object class of a service entry in LDAP."
-msgstr ""
+msgstr "La classe d'objet d'une entrée de service LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1018
@@ -3760,7 +4114,7 @@ msgstr "Par défaut : ipService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1024
msgid "ldap_service_name (string)"
-msgstr ""
+msgstr "ldap_service_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1027
@@ -3768,16 +4122,18 @@ msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
+"L'attribut LDAP qui contient le nom des attributs de service et de leurs "
+"alias."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1037
msgid "ldap_service_port (string)"
-msgstr ""
+msgstr "ldap_service_port (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1040
msgid "The LDAP attribute that contains the port managed by this service."
-msgstr ""
+msgstr "L'attribut LDAP qui contient le port géré par ce service."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1044
@@ -3787,13 +4143,13 @@ msgstr "Par défaut : ipServicePort"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1050
msgid "ldap_service_proto (string)"
-msgstr ""
+msgstr "ldap_service_proto (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1053
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
-msgstr ""
+msgstr "L'attribut LDAP qui contient les protocoles compris par ce service."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1057
@@ -3803,7 +4159,7 @@ msgstr "Par défaut : ipServiceProtocol"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1063
msgid "ldap_service_search_base (string)"
-msgstr ""
+msgstr "ldap_service_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1068
@@ -3834,6 +4190,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Par défaut : 6"
@@ -3868,12 +4225,12 @@ msgid ""
"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
"citerefentry> returns in case of no activity."
msgstr ""
-"Définit le délai d'attente (en secondes) après quoi le <citerefentry> "
-"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
-"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</"
-"manvolnum> </citerefentry> suivi de <citerefentry> <refentrytitle>connect</"
-"refentrytitle> <manvolnum>2</manvolnum> </citerefentry> repasse en mode "
-"inactif."
+"Définit le délai d'attente (en secondes) après lequel les fonctions "
+"<citerefentry> <refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> "
+"</citerefentry>/<citerefentry> <refentrytitle>select</refentrytitle> "
+"<manvolnum>2</manvolnum> </citerefentry> suivant un <citerefentry> "
+"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
+"citerefentry> rendent la main en cas d'inactivité."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1131
@@ -3887,8 +4244,8 @@ msgid ""
"will abort if no response is received. Also controls the timeout when "
"communicating with the KDC in case of SASL bind."
msgstr ""
-"Définit le délai d'attente (en secondes) après quoi les appels synchrones à "
-"l'API LDAP sont annulés si aucune réponse n'est obtenue. Permet aussi de "
+"Définit le délai d'attente (en secondes) après lequel les appels synchrones "
+"à l'API LDAP échouent si aucune réponse n'est obtenue. Permet aussi de "
"contrôler le délai de communication avec le KDC dans le cas d'un appel SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
@@ -3904,9 +4261,13 @@ msgid ""
"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. "
"the TGT lifetime) will be used."
msgstr ""
+"Spécifie un délai d'attente (en secondes) pendant laquelle une connexion à "
+"un serveur LDAP est maintenue. Passé ce délai, la connexion devra être "
+"rétablie. Si ce paramètre est utilisé en parallèle avec SASL/GSSAPI, la plus "
+"courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr "Par défaut : 900 (15 minutes)"
@@ -3933,7 +4294,7 @@ msgstr "Par défaut : 1000"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1177
msgid "ldap_disable_paging (boolean)"
-msgstr ""
+msgstr "ldap_disable_paging (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1180
@@ -3942,6 +4303,10 @@ msgid ""
"server reports that it supports the LDAP paging control in its RootDSE but "
"it is not enabled or does not behave properly."
msgstr ""
+"Désactiver le contrôle de pagination LDAP. Cette option doit être utilisée "
+"si le serveur LDAP signale qu'il prend en charge le contrôle de pagination "
+"LDAP de l'objet RootDSE, mais qu'il n'est pas activé ou ne se comporte pas "
+"correctement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1186
@@ -3949,6 +4314,9 @@ msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
+"Exemple : le serveurs OpenLDAP avec le module de contrôle de pagination "
+"installé sur le serveur mais non activé le signaleront dans RootDSE mais il "
+"sera impossible de l'utiliser."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1192
@@ -3957,11 +4325,14 @@ msgid ""
"a time on a single connection. On busy clients, this can result in some "
"requests being denied."
msgstr ""
+"Exemple : 389 DS a un bogue où il ne peut que soutenir qu'un seul contrôle "
+"de pagination à la fois sur une connexion donnée. Sur les clients chargés, "
+"cela peut entraîner l'échec de certaines demandes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1204
msgid "ldap_sasl_minssf (integer)"
-msgstr ""
+msgstr "ldap_sasl_minssf (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1207
@@ -3970,6 +4341,9 @@ msgid ""
"security level necessary to establish the connection. The values of this "
"option are defined by OpenLDAP."
msgstr ""
+"Lors de la communication avec un serveur LDAP en utilisant SASL, spécifie le "
+"niveau de sécurité minimal nécessaire pour établir la connexion. Les valeurs "
+"de cette option sont définies par OpenLDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1213
@@ -4000,6 +4374,8 @@ msgstr ""
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
+"Vous pouvez désactiver complètement les recherches de déréférencement en "
+"affectant la valeur 0."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1233
@@ -4021,6 +4397,9 @@ msgid ""
"filter, then the dereference lookup performance enhancement will be disabled "
"regardless of this setting."
msgstr ""
+"<emphasis>Remarque :</emphasis> Si l'une des bases de recherche spécifie un "
+"filtre de recherche, alors l'amélioration de la performance de recherche de "
+"déréférencement est désactivée indépendamment de ce paramètre."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1254
@@ -4042,7 +4421,7 @@ msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
-"<emphasis>never</emphasis> : le client ne demandera, ni ne vérifiera un "
+"<emphasis>never</emphasis> : le client ne demandera ni ne vérifiera un "
"quelconque certificat du serveur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -4054,7 +4433,7 @@ msgid ""
msgstr ""
"<emphasis>allow</emphasis> : le certificat serveur est demandé. Si aucun "
"certificat n'est fournit, la session continue normalement. Si un mauvais "
-"certificat est fournit, il est ignoré et la session continue normalement."
+"certificat est fourni, il est ignoré et la session continue normalement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1274
@@ -4064,8 +4443,8 @@ msgid ""
"is provided, the session is immediately terminated."
msgstr ""
"<emphasis>try</emphasis> : le certificat serveur est demandé. Si aucun "
-"certificat n'est fournit, la session continue normalement. Si un mauvais "
-"certificat est fournit, la session se termine immédiatement."
+"certificat n'est fourni, la session continue normalement. Si un mauvais "
+"certificat est fourni, la session se termine immédiatement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1280
@@ -4075,7 +4454,7 @@ msgid ""
"immediately terminated."
msgstr ""
"<emphasis>demand</emphasis> : le certificat serveur est demandé. Si aucun "
-"certificat ou un mauvais certificat est fournit, la session se termine "
+"certificat ou un mauvais certificat est fourni, la session se termine "
"immédiatement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -4100,7 +4479,7 @@ msgid ""
"Authorities that <command>sssd</command> will recognize."
msgstr ""
"Définit le fichier qui contient les certificats pour toutes les autorités de "
-"certificats que <command>sssd</command> reconnaîtra."
+"certification que <command>sssd</command> reconnaîtra."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
@@ -4108,7 +4487,7 @@ msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
-"Par défaut : utilise les paramètres par défaut de LDAP, en général dans "
+"Par défaut : utilise les paramètres par défaut de OpenLDAP, en général dans "
"<filename>/etc/openldap/ldap.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
@@ -4177,13 +4556,14 @@ msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
-"Définit le fait que le fournisseur d'identité de connexion doit autoriser "
-"<systemitem class=\"protocol\">tls</systemitem> pour protéger le canal."
+"Définit le fait que le fournisseur d'identité de connexion doit aussi "
+"utiliser <systemitem class=\"protocol\">tls</systemitem> pour protéger le "
+"canal."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1383
msgid "ldap_id_mapping (boolean)"
-msgstr ""
+msgstr "ldap_id_mapping (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1386
@@ -4192,11 +4572,17 @@ msgid ""
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
"on ldap_user_uid_number and ldap_group_gid_number."
msgstr ""
+"Indique que SSSD doit tenter de trouver les correspondances des ID "
+"d'utilisateur et de groupe dans les attributs ldap_user_objectsid et "
+"ldap_group_objectsid au lieu d'utiliser ldap_user_uid_number et "
+"ldap_group_gid_number."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1392
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
+"Cette fonctionnalité ne prend actuellement en charge que la correspondance "
+"par objectSID avec Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:1402
@@ -4219,91 +4605,120 @@ msgstr "ldap_sasl_authid (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1418
+#, fuzzy
+#| msgid ""
+#| "Specify the SASL authorization id to use. When GSSAPI is used, this "
+#| "represents the Kerberos principal used for authentication to the "
+#| "directory."
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
-"Définit l'identité d'autorisation SASL à utiliser. Quand GSSAPI est utilisé, "
-"c'est l'identifiant Kerberos principal utilisé pour s'authentifier au "
-"dossier."
+"Définit l'identifiant à utiliser pour l'autorisation SASL. Quand GSSAPI est "
+"utilisé, le principal Kerberos est utilisé pour s'authentifier auprès de "
+"l'annuaire."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr "Par défaut : host/hostname@REALM"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+#, fuzzy
+#| msgid "ldap_sasl_mech (string)"
+msgid "ldap_sasl_realm (string)"
+msgstr "ldap_sasl_mech (chaîne)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
+"Si true, la bibliothèque LDAP effectue une recherche inversée pour canoniser "
+"le nom de l'hôte au cours d'une liaison SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr "Défaut : false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5."
"keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
"GSSAPI."
msgstr ""
-"Définit le fait que le fournisseur d'identité doit initialiser les crédits "
-"Kerberos (TGT). Cette action est effectuée seulement si SASL est utilisé et "
-"que le mécanisme choisit est GSSAPI."
+"Définit le fait que le fournisseur d'identité doit initialiser les données "
+"d'identification Kerberos (TGT). Cette action est effectuée seulement si "
+"SASL est utilisé et que le mécanisme choisi est GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr "Par défaut : 86400 (24 heures)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
-msgstr ""
+msgstr "krb5_server, krb5_backup_server (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4313,65 +4728,77 @@ msgid ""
"discovery is enabled - for more information, refer to the <quote>SERVICE "
"DISCOVERY</quote> section."
msgstr ""
+"Spécifie par ordre de préférence la liste séparée par des virgules des "
+"adresses IP ou des noms de systèmes des serveurs Kerberos auquel SSSD doit "
+"se connecter. Pour plus d'informations sur la redondance de basculement et "
+"le serveur, consulter la section <quote>BASCULEMENT</quote>. Un numéro de "
+"port facultatif (précédé de deux-points) peut être ajouté aux adresses ou "
+"aux noms de systèmes. Si vide, la découverte de services est activée - pour "
+"plus d'informations, se reporter à la section de <quote>DÉCOUVERTE DE "
+"SERVICES</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
"none are found."
msgstr ""
-"En utilisant la recherche de services pour KDC ou les serveurs kpasswd, SSSD "
-"recherche en premier les entrées DNS qui définissent _udp comme protocole et "
-"passe sur _tcp si aucune entrée n'est trouvée."
+"Lors de l'utilisation de découverte de services pour le KDC ou les serveurs "
+"kpasswd, SSSD recherche en premier les entrées DNS qui définissent _udp "
+"comme protocole, et passe sur _tcp si aucune entrée n'est trouvée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
"migrate their config files to use <quote>krb5_server</quote> instead."
msgstr ""
-"Cette option était nommée <quote>krb5_kdcip</quote> dans les versions "
+"Cette option s'appelait <quote>krb5_kdcip</quote> dans les versions "
"précédentes de SSSD. Bien que ce nom soit toujours reconnu à l'heure "
"actuelle, il est conseillé de migrer les fichiers de configuration vers "
"l'utilisation de <quote>krb5_server</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
-"Par défaut : système par défaut, voir <filename>/etc/krb5.conf</filename>"
+"Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</"
+"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
+"Spécifie si le principal de l'hôte doit être rendu canonique lors de la "
+"connexion au serveur LDAP. Cette fonctionnalité est disponible avec MIT "
+"Kerberos > = 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4380,7 +4807,7 @@ msgstr ""
"valeurs suivantes sont acceptées :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4389,76 +4816,90 @@ msgstr ""
"peut pas désactiver la politique sur les mots de passe du côté serveur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
"evaluate if the password has expired."
msgstr ""
+"<emphasis>shadow</emphasis> - Utiliser les attributs de style "
+"<citerefentry><refentrytitle>shadow</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> pour évaluer si le mot de passe a expiré."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
-"<emphasis>mit_kerberos</emphasis> : utilisez les attributs utilisés par MIT "
-"Kerberos pour déterminer si le mot de passe a expiré. Utilisez "
-"chpass_provider=krb5 ces attributs lorsque le mot de passe est changé."
+"<emphasis>mit_kerberos</emphasis> : utilise les attributs utilisés par MIT "
+"Kerberos pour déterminer si le mot de passe a expiré. Utiliser "
+"chpass_provider=krb5 afin de modifier ces attributs lorsque le mot de passe "
+"est changé."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr "Par défaut : aucun"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
-msgstr "Définit si le référencement automatique doit être activé."
+msgstr "Définit si le déréférencement automatique doit être activé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
-"Veuillez noter que sssd ne supporte que le référencement quand il est "
+"Veuillez noter que sssd ne supporte que le déréférencement que lorsqu'il est "
"compilé avec OpenLDAP version 2.4.13 ou supérieur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
"does not in fact require the use of referrals, setting this option to false "
"might bring a noticeable performance improvement."
msgstr ""
+"La déréférenciation de références peut subir une altération notable des "
+"performances dans les environnements qui les utilisent fortement, un exemple "
+"notable étant Microsoft Active Directory. Si votre installation ne nécessite "
+"pas l'utilisation des références, affecter false à cette option devrait "
+"permettre d'améliorer de façon notable les performances."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Définit le nom de service à utiliser quand la découverte de services est "
"activée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr "Par défaut : ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4467,31 +4908,34 @@ msgstr ""
"un changement de mot de passe quand la découverte de services est activée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
"Par défaut : non défini, c'est-à-dire que le service de découverte est "
"désactivé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
-msgstr ""
+msgstr "ldap_chpass_update_last_change (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
+"Spécifie s'il faut mettre à jour l'attribut ldap_user_shadow_last_change "
+"avec le nombre de jours depuis Epoch après l'opération de changement de mot "
+"de passe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4500,14 +4944,21 @@ msgid ""
"set, it will result in all users being denied access. Use access_provider = "
"permit to change this default behavior."
msgstr ""
+"Cette option est obligatoire lors de l'utilisation de access_provider = ldap "
+"et ldap_access_order = filter (qui sont les valeurs par défaut). Elle "
+"spécifie un critère de filtre de recherche LDAP qui doit être satisfaite "
+"pour que l'utilisateur ait accès à ce système. Si access_provider = ldap, "
+"ldap_access_order = filter et que cette option n'est pas définie, tous les "
+"utilisateurs se verront refuser leurs accès. Utiliser access_provider = "
+"permit de changer ce comportement par défaut."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr "Exemple:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4515,42 +4966,42 @@ msgid ""
" "
msgstr ""
"access_provider = ldap\n"
-"ldap_access_filter = membre_de=cn=utilisateurs_autorisés,ou=Groupes,dc=exemple,dc=com\n"
+"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
-"Cet exemple montre un accès à l'hôte restreint aux membres du groupe « "
-"utilisateurs_autorisés » dans LDAP."
+"Cet exemple montre un accès à l'hôte restreint aux membres du groupe LDAP « "
+"allowedusers »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
"access during their last login, they will continue to be granted access "
"while offline and vice-versa."
msgstr ""
-"Le cache hors-ligne pour cette option est limité et à déterminer dans le cas "
-"où le dernier accès de l'utilisateur était autorisé. Si tel était le cas, "
-"l'accès sera conservé en mode hors-ligne et vice-versa."
+"Le cache hors-ligne pour cette fonctionnalité est limité à la détermination "
+"du fait que la dernière connexion en ligne de l'utilisateur a été autorisée. "
+"Si tel était le cas, l'accès sera conservé en mode hors-ligne et vice-versa."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr "Par défaut : vide"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4559,7 +5010,7 @@ msgstr ""
"être activée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4567,25 +5018,25 @@ msgid ""
msgstr ""
"Veuillez noter qu'il est toujours recommandé d'utiliser un contrôle d'accès "
"du côté serveur, c'est-à-dire que le serveur LDAP doit refuser une requête "
-"de connexion avec un code erreur approprié même si le mot de pass est "
+"de connexion avec un code erreur approprié même si le mot de passe est "
"correct."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr "Les valeurs suivantes sont autorisées :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
-"<emphasis>shadow</emphasis> : utilisez cette valeur de "
-"ldap_user_shadow_expire pour déterminer si le compte a expiré."
+"<emphasis>shadow</emphasis> : utiliser la valeur de ldap_user_shadow_expire "
+"pour déterminer si le compte a expiré."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4598,7 +5049,7 @@ msgstr ""
"période d'expiration du compte est aussi vérifiée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4609,7 +5060,7 @@ msgstr ""
"l'accès est autorisé ou non."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4622,49 +5073,49 @@ msgstr ""
"est autorisé. Si les deux attributs sont manquants l'accès est autorisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
-"Liste des options de contrôles d'accès, séparées par des virgules. Valeurs "
-"autorisées :"
+"Liste séparées par des virgules des options de contrôles d'accès. Les "
+"valeurs autorisées sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
-msgstr "<emphasis>filter</emphasis> : utilise ldap_access_filter"
+msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
-msgstr "<emphasis>expire</emphasis>: utilise ldap_account_expire_policy"
+msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
-"<emphasis>authorized_service</emphasis> : utilise l'attribut d'autorisation "
-"de service pour déterminer l'accès"
+"<emphasis>authorized_service</emphasis> : utiliser l'attribut "
+"authorizedService pour déterminer l'accès"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis> : utilise l'attribut d'hôte pour déterminer l'accès"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr "Par défaut : filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -4673,12 +5124,12 @@ msgstr ""
"de configuration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr "ldap_deref (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -4687,22 +5138,22 @@ msgstr ""
"recherche. Les options suivantes sont autorisées :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
-"<emphasis>searching</emphasis> : les alias sont déréférencés suivant les "
-"objets subordonnés de l'objet de base, et non pas suivant l'objet de base de "
-"la recherche lui-même."
+"<emphasis>searching</emphasis> : Les alias sont déréférencés comme des "
+"subordonnés de l'objet de base, mais pas en localisant l'objet de base de la "
+"recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -4711,22 +5162,55 @@ msgstr ""
"la localisation de l'objet de base de la recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
-"<emphasis>always</emphasis> : les alias sont déréférencés à la fois en "
-"recherche et en localisant l'objet de base de la recherche."
+"<emphasis>always</emphasis> : les alias sont déréférencés à la fois pour la "
+"recherche et et la localisation de l'objet de base de la recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
"Par défaut : vide (ceci est traité comme <emphasis>never</emphasis> par les "
-"bibliothèques client LDAP)"
+"bibliothèques clientes LDAP)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+#, fuzzy
+#| msgid "ldap_krb5_init_creds (boolean)"
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr "ldap_krb5_init_creds (booléen)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
@@ -4737,341 +5221,389 @@ msgid ""
"manvolnum> </citerefentry> manual page for full details. <placeholder type="
"\"variablelist\" id=\"0\"/>"
msgstr ""
-"Toutes les options communes de configuration appliquées aux domaines SSSD "
+"Toutes les options de configuration communes appliquées aux domaines SSSD "
"s'appliquent aussi aux domaines LDAP. Voir la section des <quote>SECTIONS DE "
-"DOMAINE</quote> dans le manuel du fichier <citerefentry> <refentrytitle>sssd."
+"DOMAINE</quote> dans la page de manuel <citerefentry> <refentrytitle>sssd."
"conf</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> pour plus de "
"détails. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
-msgstr ""
+msgstr "OPTIONS DE SUDO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
-msgstr ""
+msgstr "ldap_sudorule_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
-msgstr ""
+msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr "Par défaut : sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
-msgstr ""
+msgstr "ldap_sudorule_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
-msgstr ""
+msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
-msgstr ""
+msgstr "ldap_sudorule_command (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
-msgstr ""
+msgstr "L'attribut LDAP qui correspond au nom de la commande."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr "Par défaut : sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
-msgstr ""
+msgstr "ldap_sudorule_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
+"L'attribut LDAP qui correspond au nom d'hôte (ou adresse IP de l'hôte, "
+"réseau IP de l'hôte ou netgroup de l'hôte)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr "Par défaut : sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
-msgstr ""
+msgstr "ldap_sudorule_user (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
+"L'attribut LDAP qui correspond au nom d'utilisateur (ou UID, le nom du "
+"groupe ou netgroup de l'utilisateur)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr "Par défaut : sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
-msgstr ""
+msgstr "ldap_sudorule_option (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
-msgstr ""
+msgstr "L'attribut LDAP qui correspond aux options sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr "Par défaut : sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
-msgstr ""
+msgstr "ldap_sudorule_runasuser (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
+"L'attribut LDAP qui correspond aux commandes peuvent être exécutées sous le "
+"nom d'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr "Par défaut : sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
-msgstr ""
+msgstr "ldap_sudorule_runasgroup (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
+"L'attribut LDAP qui correspond au nom du groupe ou GID du groupe sous lequel "
+"les commandes seront être exécutées."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr "Par défaut : sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
-msgstr ""
+msgstr "ldap_sudorule_notbefore (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
+"L'attribut LDAP qui correspond à la date/heure de début pour laquelle la "
+"règle sudo est valide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr "Par défaut : sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
-msgstr ""
+msgstr "ldap_sudorule_notafter (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
+"L'attribut LDAP qui correspond à la date/heure d'expiration, après quoi la "
+"règle sudo ne sera plus valide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr "Par défaut : sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
-msgstr ""
+msgstr "ldap_sudorule_order (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
-msgstr ""
+msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr "Par défaut : sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
-msgstr ""
+msgstr "ldap_sudo_full_refresh_interval (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
+"La durée en secondes pendant laquelle SSSD va attendre entre deux "
+"actualisations complètes des règles de sudo (qui téléchargent toutes les "
+"règles qui sont stockées sur le serveur)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
+"La valeur doit être supérieure à <emphasis>ldap_sudo_smart_refresh_interval</"
+"emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr "Par défaut : 21600 (6 heures)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
-msgstr ""
+msgstr "ldap_sudo_smart_refresh_interval (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
"of cached rules)."
msgstr ""
+"La durée en secondes pendant laquelle SSSD doit attendre avant d'exécuter "
+"une actualisation intelligente des règles sudo (qui télécharge toutes les "
+"règles qui ont un USN supérieur à l'USN le plus élevé des règles mises en "
+"cache)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
+"Si les attributs USN ne sont pas pris en charge par le serveur, l'attribut "
+"modifyTimestamp est utilisé à la place."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
-msgstr ""
+msgstr "ldap_sudo_use_host_filter (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
+"Si true, SSSD téléchargera les seules règles qui s'appliquent à cette "
+"machine (à l'aide de l'adresse de système ou de réseau IPv4 ou IPv6 et des "
+"noms de systèmes)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
-msgstr ""
+msgstr "ldap_sudo_hostnames (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
+"Liste séparés par des espaces des noms de systèmes ou de domaines qui "
+"doivent être utilisés pour filtrer les règles."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
+"Si cette option est vide, SSSD va essayer de découvrir automatiquement le "
+"nom de système et le nom de domaine pleinement qualifié."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
+"Si <emphasis>ldap_sudo_use_host_filter</emphasis> est <emphasis>false</"
+"emphasis>, alors cette option n'a aucun effet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr "Par défaut : non spécifié"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
-msgstr ""
+msgstr "ldap_sudo_ip (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
+"Liste séparés par des espaces d'adresses de système ou de réseaux IPv4 ou "
+"IPv6 qui doivent être utilisés pour filtrer les règles."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
+"Si cette option est vide, SSSD va essayer de découvrir les adresses "
+"automatiquement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
-msgstr ""
+msgstr "ldap_sudo_include_netgroups (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
+"Si elle est vraie alors SSSD téléchargera toutes les règles qui contient un "
+"netgroup dans l'attribut sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
-msgstr ""
+msgstr "ldap_sudo_include_regexp (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
+#, fuzzy
+#| msgid ""
+#| "If true then SSSD will download every rule that contains a netgroup in "
+#| "sudoHost attribute."
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
+"Si elle est vraie alors SSSD téléchargera toutes les règles qui contient un "
+"netgroup dans l'attribut sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
-msgstr ""
+msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </"
"citerefentry>"
msgstr ""
+"Cette page de manuel décrit uniquement le mappage de noms d'attribut. Pour "
+"une explication détaillée des sémantiques d'attributs relatives à sudo, cf. "
+"<citerefentry><refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
-msgstr ""
+msgstr "OPTIONS AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -5080,98 +5612,105 @@ msgstr ""
"qui est RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
-msgstr ""
+msgstr "ldap_autofs_map_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
+"La classe d'objet d'une entrée de table de montage automatique dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr "Par défaut : automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
-msgstr ""
+msgstr "ldap_autofs_map_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
-msgstr ""
+msgstr "Le nom d'une entrée de table de montage automatique dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr "Par défaut : ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
-msgstr ""
+msgstr "ldap_autofs_entry_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
-msgstr ""
+msgstr "ldap_autofs_entry_key (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
+"La clé d'une entrée de montage automatique dans LDAP. L'entrée correspond "
+"généralement à un point de montage."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
-msgstr ""
+msgstr "ldap_autofs_entry_value (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr "Par défaut : automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
"\"variablelist\" id=\"4\"/>"
msgstr ""
+"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
+"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
+"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
+"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr "OPTIONS AVANCÉES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
@@ -5180,14 +5719,16 @@ msgstr ""
"restreint les recherches utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
+"Cette option est <emphasis>déconseillée</emphasis> en faveur de la syntaxe "
+"utilisée par ldap_user_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5197,7 +5738,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
@@ -5206,12 +5747,12 @@ msgstr ""
"qui ont leur interpréteur de commande définit sur /bin/tcsh."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
@@ -5220,47 +5761,59 @@ msgstr ""
"restreint les recherches de groupe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
+"Cette option est <emphasis>déconseillée</emphasis> en faveur de la syntaxe "
+"utilisée par ldap_group_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
-msgstr ""
+msgstr "ldap_sudo_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
-msgstr ""
+msgstr "ldap_autofs_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
"are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
-"Ces options sont prises en charge pour les domaines LDAP, mais ils doivent "
+"Ces options sont prises en charge par les domaines LDAP, mais ils doivent "
"être utilisés avec précaution. Veuillez les inclure dans votre configuration "
"seulement si vous savez ce que vous faites. <placeholder type=\"variablelist"
"\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
"section."
msgstr ""
-"L'exemple suivant suppose que SSSD est correctement configuré et LDAP pointe "
-"sur un des domaines de la section <replaceable>[domains]</replaceable>."
+"L'exemple suivant suppose que SSSD est correctement configuré et que LDAP "
+"pointe sur un des domaines de la section <replaceable>[domains]</"
+"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
-#, no-wrap
+#: sssd-ldap.5.xml:2316
+#, fuzzy, no-wrap
+#| msgid ""
+#| " [domain/LDAP]\n"
+#| " id_provider = ldap\n"
+#| " auth_provider = ldap\n"
+#| " ldap_uri = ldap://ldap.mydomain.org\n"
+#| " ldap_search_base = dc=mydomain,dc=org\n"
+#| " ldap_tls_reqcert = demand\n"
+#| " cache_credentials = true\n"
+#| " enumerate = true\n"
msgid ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -5269,41 +5822,41 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
" auth_provider = ldap\n"
-" ldap_uri = ldap://ldap.mon_domaine.org\n"
-" ldap_search_base = dc=mon_domaine,dc=org\n"
+" ldap_uri = ldap://ldap.mydomain.org\n"
+" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
" enumerate = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
"distribution."
msgstr ""
-"Les descriptions de quelques options de configuration des pages de manuel "
-"sont basées sur le manuel de <citerefentry> <refentrytitle>ldap.conf</"
-"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> dans le paquet de "
-"OpenLDAP 2.4."
+"Les descriptions de quelques unes des options de configuration des pages de "
+"manuel sont basées sur le manuel de <citerefentry> <refentrytitle>ldap.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> de la distribution "
+"de OpenLDAP 2.4."
#. type: Content of: <refentryinfo>
#: pam_sss.8.xml:8 include/upstream.xml:2
@@ -5373,7 +5926,7 @@ msgid ""
"If <option>forward_pass</option> is set the entered password is put on the "
"stack for other PAM modules to use."
msgstr ""
-"Si <option>forward_pass</option> est définit, le mot de passe entré est "
+"Si <option>forward_pass</option> est défini, le mot de passe saisi est "
"inséré en mémoire pour les autres modules PAM utilisés."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
@@ -5389,9 +5942,9 @@ msgid ""
"available or the password is not appropriate, the user will be denied access."
msgstr ""
"L'argument use_first_pass force le module à utliser un module de mot de "
-"passe déjà en mémoire et ne fera pas la demande à l'utilisateur. Si aucun "
-"mot de passe n'est disponible ou que celui-ci n'est pas approprié, "
-"l'utilisateur est refusé."
+"passe déjà en mémoire et n'en fera jamais la demande à l'utilisateur. Si "
+"aucun mot de passe n'est disponible ou que celui-ci n'est pas approprié, "
+"l'utilisateur verra son accès refusé."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:84
@@ -5404,9 +5957,8 @@ msgid ""
"When password changing enforce the module to set the new password to the one "
"provided by a previously stacked password module."
msgstr ""
-"Lorsque le changement de mot de passe force le module à changer de mot de "
-"passe vers celui fournit par un module de mot de passe déjà chargé en "
-"mémoire."
+"Lorsque le changement de mot de passe force le module à modifier le mot de "
+"passe par celui fourni par un module de mot de passe déjà chargé en mémoire."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: pam_sss.8.xml:94
@@ -5429,15 +5981,15 @@ msgid ""
"calling PAM handles the user dialog on its own. A typical example is "
"<command>sshd</command> with <option>PasswordAuthentication</option>."
msgstr ""
-"Veuillez noter que cette option peut ne pas fonctionner comme prévu si "
-"l'application qui appelle PAM gère de lui-même les boîtes de dialogue "
-"utilisateur. Un exemple typique est <command>sshd</command> avec "
+"Veuillez noter que cette option peut ne pas fonctionner comme attendu si "
+"l'application qui appelle PAM gère lui-même les dialogues avec "
+"l'utilisateur. Un exemple typique est <command>sshd</command> avec "
"<option>PasswordAuthentication</option>."
#. type: Content of: <reference><refentry><refsect1><title>
#: pam_sss.8.xml:110
msgid "MODULE TYPES PROVIDED"
-msgstr "TYPES DE MODULE FOURNIT"
+msgstr "TYPES DE MODULES FOURNIS"
#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:111
@@ -5460,10 +6012,10 @@ msgid ""
"does not support password resets, an individual message can be displayed. "
"This message can e.g. contain instructions about how to reset a password."
msgstr ""
-"Si une remise à zéro de mot de passe par root échoue car le fournisseur SSSD "
-"correspondant ne prend pas en charge la remise à zéro de mot de passe, un "
-"message spécifique peut être affiché. Ce message peut, par exemple, contenir "
-"les instructions pour faire cette remise à zéro."
+"Si une réinitialisation par root d'un mot de passe échoue parce que le "
+"fournisseur SSSD correspondant ne prend pas en charge la réinitialisation de "
+"mot de passe, un message spécifique peut être affiché. Ce message peut, par "
+"exemple, contenir les instructions permettant la réinitialisation."
#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:123
@@ -5476,6 +6028,14 @@ msgid ""
"the owner of the files and only root may have read and write permissions "
"while all other users must have only read permissions."
msgstr ""
+"Le message est lu depuis le fichier <filename>pam_sss_pw_reset_message.LOC</"
+"filename> où LOC représente une chaîne de paramètres régionaux retournée par "
+"<citerefentry><refentrytitle>setlocale</refentrytitle> <manvolnum>3</"
+"manvolnum></citerefentry>. Si il n'y a aucun fichier correspondant, le "
+"contenu de <filename>pam_sss_pw_reset_message.txt</filename> est affiché. "
+"L'utilisateur root doit être le propriétaire des fichiers et seul root peut "
+"avoir les autorisations en lecture et en écriture alors que tous les autres "
+"utilisateurs doivent avoir les autorisations en lecture seule."
#. type: Content of: <reference><refentry><refsect1><para>
#: pam_sss.8.xml:133
@@ -5484,7 +6044,7 @@ msgid ""
"DOMAIN_NAME/</filename>. If no matching file is present a generic message is "
"displayed."
msgstr ""
-"Ces fichiers sont cherchés dans le dossier <filename>/etc/sssd/customize/"
+"Ces fichiers sont recherchés dans le dossier <filename>/etc/sssd/customize/"
"NOM_DE_DOMAINE/</filename>. Si aucun fichier correspondant n'est présent, un "
"message spécifique est affiché."
@@ -5508,6 +6068,18 @@ msgid ""
"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>"
msgstr ""
+"Le greffon de localisation Kerberos <command>sssd_krb5_locator_plugin</"
+"command> est utilisé par le fournisseur Kerberos de "
+"<citerefentry><refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> pour indiquer aux bibliothèques Kerberos quel domaine et quel "
+"KDC à utiliser. En général, cela se fait en "
+"<citerefentry><refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> qui est toujours lu par les bibliothèques de "
+"Kerberos. Pour simplifier la configuration, le Domaine et le KDC peuvent "
+"être définis dans <citerefentry><refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> comme indiqué dans "
+"<citerefentry><refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:48
@@ -5519,6 +6091,12 @@ msgid ""
"libraries it reads and evaluates these variables and returns them to the "
"libraries."
msgstr ""
+"<citerefentry><refentrytitle>SSSD</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> met le nom de domaine et le nom ou adresse IP du KDC dans les "
+"variables d'environnement SSSD_KRB5_REALM et SSSD_KRB5_KDC respectivement. "
+"Lorsque <command>sssd_krb5_locator_plugin</command> est appelé par les "
+"bibliothèques de kerberos, il lit et évalue ces variables et les transmet "
+"aux bibliothèques."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd_krb5_locator_plugin.8.xml:63
@@ -5527,9 +6105,9 @@ msgid ""
"<command>sssd_krb5_locator_plugin</command> is not available on your system "
"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
msgstr ""
-"Toutes les versions de Kerberos ne supportent pas forcément l'utilisation de "
-"modules. Si <command>sssd_krb5_locator_plugin</command> n'est pas présent "
-"dans votre système, vous devez éditer /etc/krb5.conf pour modifier la "
+"Toutes les versions de Kerberos ne prennent en charge l'utilisation de "
+"greffons. Si <command>sssd_krb5_locator_plugin</command> n'est pas présent "
+"sur votre système, il faut modifier /etc/krb5.conf pour s'adapter à la "
"configuration de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para>
@@ -5551,8 +6129,8 @@ msgstr "sssd-simple"
#: sssd-simple.5.xml:17
msgid "the configuration file for SSSD's 'simple' access-control provider"
msgstr ""
-"le fichier de configuration pour le « simple » fournisseur de contrôle "
-"d'accès SSSD."
+"le fichier de configuration pour le fournisseur de contrôle d'accès « "
+"simple » de SSSD."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:24
@@ -5564,12 +6142,12 @@ msgid ""
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> manual page."
msgstr ""
-"Cette page de manuel décrit la configuration du simple fournisseur de "
-"contrôle d'accès pour <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"Cette page de manuel décrit la configuration du fournisseur de contrôle "
+"d'accès simple de <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry>. Pour plus de détails sur la "
-"syntaxe, veuillez voir la section <quote>FORMAT DE FICHIER</quote> de la "
-"page de manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
-"<manvolnum>5</manvolnum> </citerefentry>."
+"syntaxe, cf. la section <quote>FORMAT DE FICHIER</quote> de la page de "
+"manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:38
@@ -5577,9 +6155,9 @@ msgid ""
"The simple access provider grants or denies access based on an access or "
"deny list of user or group names. The following rules apply:"
msgstr ""
-"Le simple fournisseur d'accès autorise l'accès à partir d'une liste. Celle-"
-"ci peut définir l'accès ou bien le refus de noms d'utilisateur ou de groupe, "
-"ou encore des noms de groupes. Les règles suivantes s'appliquent :"
+"Le fournisseur d'accès simple autorise les accès à partir de listes "
+"d'autorisation ou de refus de noms d'utilisateurs ou de groupes. Les règles "
+"suivantes s'appliquent :"
#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
#: sssd-simple.5.xml:43
@@ -5592,8 +6170,8 @@ msgid ""
"If any list is provided, the order of evaluation is allow,deny. This means "
"that any matching deny rule will supersede any matched allow rule."
msgstr ""
-"Si une liste est fournie, quel quelle soit, l'ordre d'évaluation est "
-"autorisé, puis refusé, autrement dit une règle de refus écrasera une règle "
+"Si une liste est fournie, quelle qu'elle soit, l'ordre d'évaluation est "
+"allow,deny. Autrement dit une règle de refus écrasera une règle "
"d'autorisation."
#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
@@ -5602,7 +6180,7 @@ msgid ""
"If either or both \"allow\" lists are provided, all users are denied unless "
"they appear in the list."
msgstr ""
-"Si la ou les listes fournies sont seulement « autorisée », tous les "
+"Si la ou les listes fournies sont seulement de type « allow », tous les "
"utilisateurs sont refusés à moins qu'ils ne soient dans la liste."
#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
@@ -5611,8 +6189,8 @@ msgid ""
"If only \"deny\" lists are provided, all users are granted access unless "
"they appear in the list."
msgstr ""
-"Si seulement les listes « refus » sont disponibles, tous les utlisateurs "
-"sont autorisés à moins qu'ils ne soient dans la liste."
+"Si seulement les listes « deny » sont utilisées, tous les utlisateurs sont "
+"autorisés à moins qu'ils ne soient dans la liste."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:78
@@ -5623,7 +6201,7 @@ msgstr "simple_allow_users (chaîne)"
#: sssd-simple.5.xml:81
msgid "Comma separated list of users who are allowed to log in."
msgstr ""
-"Liste, séparée par des virgules, d'utilisateurs autorisés à se connecter."
+"Liste séparée par des virgules d'utilisateurs autorisés à se connecter."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:88
@@ -5634,7 +6212,7 @@ msgstr "simple_deny_users (chaîne)"
#: sssd-simple.5.xml:91
msgid "Comma separated list of users who are explicitly denied access."
msgstr ""
-"Liste, séparée par des virgules, d'utilisateurs qui ont un accès refusé."
+"Liste séparée par des virgules d'utilisateurs dont l'accès sera refusé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:97
@@ -5647,9 +6225,9 @@ msgid ""
"Comma separated list of groups that are allowed to log in. This applies only "
"to groups within this SSSD domain. Local groups are not evaluated."
msgstr ""
-"Liste, séparée par des virgules, de groupes autorisés à se connecter. Ceci "
-"ne s'applique qu'à des groupes dans un domaine SSSD. Les groupes locaus ne "
-"sont pas évalués."
+"Liste séparée par des virgules de groupes autorisés à se connecter. Ceci ne "
+"s'applique qu'à des groupes dans un domaine SSSD. Les groupes locaux ne sont "
+"pas pris en compte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-simple.5.xml:108
@@ -5663,55 +6241,63 @@ msgid ""
"applies only to groups within this SSSD domain. Local groups are not "
"evaluated."
msgstr ""
-"Liste, séparée par des virgules, de groupes qui sont refusés. Ceci ne "
-"s'applique qu'à des groupes dans un certain domaine SSSD. Les groupes locaux "
-"ne sont pas évalués."
+"Liste séparée par des virgules de groupes dont l'accès sera refusé. Ceci ne "
+"s'applique qu'à des groupes dans un domaine SSSD. Les groupes locaux ne sont "
+"pas pris en compte."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry> manual page for details on the configuration of an SSSD "
"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
-"Veuillez vous référer à la section <quote>SECTIONS DE DOMAINE</quote> du "
-"manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
-"<manvolnum>5</manvolnum> </citerefentry> pour les détails sur la "
-"configuration du domaine SSSD. <placeholder type=\"variablelist\" id=\"0\"/>"
+"Se référer à la section <quote>SECTIONS DE DOMAINE</quote> de la page de "
+"manuel <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> pour les détails sur la configuration d'un "
+"domaine SSSD. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
-"Veuillez noter que c'est une erreur de configuration si simple_allow_users "
-"et simple_deny_users, sont définis."
+"Veuillez noter que la configuration simultanée de simple_allow_users et "
+"simple_deny_users est une erreur."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This examples shows only the simple access provider-specific options."
msgstr ""
-"L'exemple suivant suppose que SSSD est correctement configuré et exemple.com "
-"est un des domaines dans la section <replaceable>[sssd]</replaceable>. Ces "
-"exemples montrent seulement les options du simple fournisseur d'accès "
-"spécifique."
+"L'exemple suivant suppose que SSSD est correctement configuré et que example."
+"com est un des domaines dans la section <replaceable>[sssd]</replaceable>. "
+"Ces exemples montrent seulement les options spécifiques du fournisseur "
+"d'accès simple."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
" access_provider = simple\n"
" simple_allow_users = user1, user2\n"
msgstr ""
-" [domain/exemple.com]\n"
+" [domain/example.com]\n"
" access_provider = simple\n"
-" simple_allow_users = utilisateur1, utilisateur2\n"
+" simple_allow_users = user1, user2\n"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16
@@ -5742,8 +6328,8 @@ msgid ""
"requires that the machine be joined to the IPA domain; configuration is "
"almost entirely self-discovered and obtained directly from the server."
msgstr ""
-"Le fournisseur IPA est un antéserveur pour se connecter au serveur IPA (voir "
-"le site freeipa.org pour plus d'informations sur les serveurs IPA). Ce "
+"Le fournisseur IPA est le moteur pour se connecter à un serveur IPA. (Cf. le "
+"site freeipa.org pour plus d'informations sur les serveurs IPA). Ce "
"fournisseur nécessite que la machine soit joignable pour le domaine IPA ; la "
"configuration est presque entièrement obtenue et auto-découverte à partir du "
"serveur."
@@ -5757,6 +6343,11 @@ msgid ""
"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
"provider with some exceptions described below."
msgstr ""
+"Le fournisseur IPA accepte les mêmes options utilisées par le fournisseur "
+"d'identité <citerefentry><refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> et le fournisseur d'authentification "
+"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> avec les quelques exceptions décrites ci-dessous."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ipa.5.xml:55
@@ -5767,28 +6358,41 @@ msgid ""
"freeipa.org for more information about HBAC. No configuration of access "
"provider is required on the client side."
msgstr ""
+"Toutefois, il n'est ni nécessaire ni recommandé de définir ces options. Le "
+"fournisseur IPA peut également servir comme fournisseur d'accès et chpass. "
+"En tant que fournisseur d'accès, il utilise des règles HBAC (host-based "
+"access control). Veuillez consulter freeipa.org pour plus d'informations sur "
+"HBAC. Aucune configuration de fournisseur d'accès n'est requise côté client."
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr "ipa_domain (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
-"Définit le nom du domaine IPA. C'est une option. Si non fournit, le nom de "
-"domaine de configuration est utilisé."
+"Définit le nom du domaine IPA. Optionnel, s'il n'est pas fourni, le nom de "
+"domaine de la configuration est utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
-msgstr ""
+msgstr "ipa_server, ipa_backup_server (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5796,38 +6400,45 @@ msgid ""
"This is optional if autodiscovery is enabled. For more information on "
"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
+"La liste par ordre de préférence séparée par des virgules des adresses IP ou "
+"des noms de systèmes des serveurs IPA auxquels SSSD doit se connecter . Pour "
+"plus d'informations sur la redondance de serveurs et le basculement, "
+"consulter la section de <quote>BASCULEMENT</quote>. Ceci est optionnel si "
+"la découverte automatique est activée. Pour plus d'informations sur la "
+"découverte de services, se reporter à la section de <quote>DÉCOUVERTE DE "
+"SERVICE</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr "ipa_hostname (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
-"Optionnel. Peut être définit pour des machines où le nom d'hôte ne reflète "
-"pas le nom de domaine entièrement qualifié dans le domaine IPA pour "
-"identifier l'hôte."
+"Optionnel. Peut être défini pour des machines dont le hostname(5) ne reflète "
+"pas le nom de domaine pleinement qualifié du domaine IPA pour identifier "
+"l'hôte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr "ipa_dyndns_update (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
-"Optionnel. Cette option indique à SSSD de faire une mise à jour automatique "
-"du serveur DNS construit dans FreeIPA v2 avec l'adresse IP du client."
+"Optionnel. Cette option indique à SSSD de mettre à jour automatiquement le "
+"serveur DNS de FreeIPA avec l'adresse IP du client."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
@@ -5837,134 +6448,171 @@ msgstr ""
"être défini correctement dans /etc/krb5.conf"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+#, fuzzy
+#| msgid "pam_id_timeout (integer)"
+msgid "ipa_dyndns_ttl (integer)"
+msgstr "pam_id_timeout (entier)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 5 (seconds)"
+msgid "Default: 1200 (seconds)"
+msgstr "Par défaut : 5 (secondes)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr "ipa_dyndns_iface (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
-"Optionnel. Applicable seulement quand ipa_dyndns_update est vrai. Choisir "
-"l'interface dont l'adresse IP soit être utilisé pour les mises à jour des "
-"DNS dynamiques."
+"Optionnel. Applicable seulement quand ipa_dyndns_update est vrai. Choisit "
+"l'interface dont l'adresse IP sera utilisée pour les mises à jour dynamiques "
+"du DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "Par défaut : utilise l'adresse IP de la connexion IPA LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
+"Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets "
+"HBAC associés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr "Par défaut : utilise la base DN"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
-msgstr ""
+msgstr "ipa_host_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
+"Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger "
+"des objets."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
+"Cf. <quote>ldap_search_base</quote> pour plus d'informations sur la "
+"configuration des bases de recherche multiples."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
"will be ignored."
msgstr ""
+"Si le filtre est donné dans l'une des bases de recherche et "
+"<emphasis>ipa_hbac_support_srchost</emphasis> a la valeur False, le filtre "
+"sera ignoré."
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
-msgstr ""
+msgstr "ipa_selinux_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
+"Facultatif. Utiliser la chaîne donnée comme base de recherche pour les "
+"mappages utilisateur SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
-msgstr ""
+msgstr "ipa_subdomains_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
+"Facultatif. Utiliser la chaîne donnée comme base de recherche pour les "
+"domaines approuvés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "Par défaut : la valeur de <emphasis>cn=trusts,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
-msgstr ""
+msgstr "ipa_master_domain_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
+"Facultatif. Utiliser la chaîne donnée comme base de recherche objet de "
+"domaine maître."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr "Par défaut : la valeur de <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr "Vérifie avec l'aide de krb5_keytab que le TGT obtenu n'est pas usurpé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
-"Notez que cette valeur par défaut diffère du moteur de traitement Kerberos "
+"Noter que cette valeur par défaut diffère du moteur de traitement Kerberos "
"original."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
@@ -5973,7 +6621,7 @@ msgstr ""
"<quote>ipa_domain</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
@@ -5982,20 +6630,23 @@ msgstr ""
"convertit en la base DN pour effectuer des opérations LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
"with MIT Kerberos >= 1.7"
msgstr ""
+"Spécifie si l'hôte et l'utilisateur principal doivent être rendus canoniques "
+"lors des connexions au serveur LDAP de IPA, mais aussi pour les requêtes AS. "
+"Cette fonctionnalité est disponible avec MIT Kerberos > = 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6006,17 +6657,40 @@ msgstr ""
"requêtes de contrôle d'accès pendant une courte période."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr "Par défaut : 5 (secondes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+#, fuzzy
+#| msgid "ipa_hbac_refresh (integer)"
+msgid "ipa_hbac_selinux (integer)"
+msgstr "ipa_hbac_refresh (entier)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+#, fuzzy
+#| msgid ""
+#| "The amount of time between lookups of the HBAC rules against the IPA "
+#| "server. This will reduce the latency and load on the IPA server if there "
+#| "are many access-control requests made in a short period."
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+"Le temps entre les règles de recherches HBAC pour un serveur IPA. Cela "
+"réduit le temps de latence et la charge du serveur IPA si il y a beaucoup de "
+"requêtes de contrôle d'accès pendant une courte période."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -6030,7 +6704,7 @@ msgstr ""
"client supportera deux modes opératoires pendant cette transition :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
@@ -6039,7 +6713,7 @@ msgstr ""
"tous les utilisateurs ne pourront pas se connecter."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
@@ -6048,78 +6722,83 @@ msgstr ""
"Faites attention avec cette option, elle peut fournir des accès non-prévus."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr "Par défaut : DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr "ipa_hbac_support_srchost (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
-msgstr ""
+msgstr "Si false, srchost tel qu'il figure à SSSD par PAM sera ignoré."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
+"Noter que si la valeur <emphasis>False</emphasis>, cette option implique que "
+"les filtres donnés en <emphasis>ipa_host_search_base</emphasis> seront "
+"ignoré&nbp;;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
-msgstr ""
+msgstr "ipa_automount_location (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
-msgstr ""
+msgstr "L'emplacement à automonter qu'utilisera ce client IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr "Par défaut : Le lieu nommé « default »"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr "ipa_netgroup_member_of (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
-msgstr ""
+msgstr "L'attribut LDAP qui répertorie les appartenances aux netgroups."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr "ipa_netgroup_member_user (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
+"L'attribut LDAP qui répertorie les utilisateurs et les groupes qui sont "
+"membres directs du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr "Par défaut : memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
@@ -6128,232 +6807,275 @@ msgstr ""
"sont membres directs du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr "Par défaut : memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
-msgstr ""
+msgstr "ipa_netgroup_member_ext_host (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
+"L'attribut LDAP qui répertorie les noms de domaines complets des systèmes et "
+"des groupes de systèmes qui appartiennent au groupe réseau."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr "Par défaut : externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
-msgstr ""
+msgstr "ipa_netgroup_domain (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
-msgstr ""
+msgstr "L'attribut LDAP qui contient le nom de domaine NIS du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr "Par défaut : nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
-msgstr ""
+msgstr "ipa_host_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
-msgstr ""
+msgstr "La classe de l'objet d'une entrée d'hôte dans l'annuaire LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr "Par défaut : ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
-msgstr ""
+msgstr "ipa_host_fqdn (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
-msgstr ""
+msgstr "L'attribut LDAP qui contient le nom de domaine complet du système."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr "Par défaut : nom de domaine complet"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
-msgstr ""
+msgstr "L'attribut LDAP qui contient le nom de SELinux usermap."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_member_user (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
+"L'attribut LDAP qui contient tous les utilisateurs / groupes correspondant à "
+"cette règle."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_member_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
+"L'attribut LDAP qui contient tous les hôtes / hostgroups correspondant à "
+"cette règle."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_see_also (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
+"L'attribut LDAP qui contient le DN de la règle de HBAC qui peut être utilisé "
+"pour la correspondance au lieu de memberUser et memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr "Par défaut : seeAlso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_selinux_user (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
-msgstr ""
+msgstr "L'attribut LDAP qui contient la chaîne utilisateur SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr "Par défaut : ipaSELinuxUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_enabled (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
+"L'attribut LDAP qui contient le fait que la carte utilisateur est activée "
+"pour utilisation ou non."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr "Par défaut : ipaEnabledFlag"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_user_category (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
+"L'attribut LDAP qui contient la catégorie utilisateur tels que « all »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr "Par défaut : userCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_host_category (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
-msgstr ""
+msgstr "L'attribut LDAP qui contient la catégorie hôte tels que « all »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr "Par défaut : hostCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
-msgstr ""
+msgstr "ipa_selinux_usermap_uuid (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
-msgstr ""
+msgstr "L'attribut LDAP qui contient l'ID unique de la carte de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr "Par défaut : ipaUniqueID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
-msgstr ""
+msgstr "ipa_host_ssh_public_key (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
-msgstr ""
+msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'hôte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr "Par défaut : ipaSshPubKey"
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This examples shows only the ipa provider-specific options."
msgstr ""
-"L'exemple suivant suppose que SSSD est correctement configuré et exemple.com "
+"L'exemple suivant suppose que SSSD est correctement configuré et example.com "
"est un des domaines de la section <replaceable>[sssd]</replaceable>. Ces "
"exemples montrent seulement les options spécifiques au fournisseur IPA."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -6361,15 +7083,15 @@ msgid ""
" ipa_server = ipaserver.example.com\n"
" ipa_hostname = myhost.example.com\n"
msgstr ""
-" [domain/exemple.com]\n"
+" [domain/example.com]\n"
" id_provider = ipa\n"
-" ipa_server = ipaserver.exemple.com\n"
-" ipa_hostname = mon_hôte.exemple.com\n"
+" ipa_server = ipaserver.example.com\n"
+" ipa_hostname = myhost.example.com\n"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-ad.5.xml:10 sssd-ad.5.xml:16
msgid "sssd-ad"
-msgstr ""
+msgstr "sssd-ad"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:23
@@ -6380,6 +7102,12 @@ msgid ""
"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""
+"Cette page de manuel décrit la configuration du fournisseur AD pour "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Pour une référence détaillée sur la syntaxe, cf. la section "
+"<quote>FORMAT DE FICHIER</quote> de la page de manuel <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:36
@@ -6388,6 +7116,9 @@ msgid ""
"This provider requires that the machine be joined to the AD domain and a "
"keytab is available."
msgstr ""
+"Le fournisseur AD est un moteur utilisé pour se connecter à un serveur "
+"Active Directory. Ce fournisseur exige que la machine soit jointe au domaine "
+"AD et qu'un fichier keytab soit disponible."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:41
@@ -6395,6 +7126,9 @@ msgid ""
"The AD provider supports connecting to Active Directory 2008 R2 or later. "
"Earlier versions may work, but are unsupported."
msgstr ""
+"Le fournisseur AD prend en charge la connexion à Active Directory 2008 R2 ou "
+"ultérieures. Les versions antérieures peuvent fonctionner, mais ne sont pas "
+"supportées."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:45
@@ -6405,6 +7139,11 @@ msgid ""
"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
"provider with some exceptions described below."
msgstr ""
+"Le fournisseur AD accepte les mêmes options utilisées par le fournisseur "
+"d'identité <citerefentry><refentrytitle>sssd-ldap</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> et le fournisseur d'authentification "
+"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> avec les quelques exceptions décrites ci-dessous."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:57
@@ -6413,6 +7152,10 @@ msgid ""
"AD provider can also be used as an access and chpass provider. No "
"configuration of the access provider is required on the client side."
msgstr ""
+"Toutefois, il n'est ni nécessaire ni recommandé de définir ces options. Le "
+"fournisseur AD peut également être utilisé comme fournisseur d'accès et "
+"fournisseur chpass. Aucune configuration du fournisseur d'accès n'est "
+"requise côté client."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-ad.5.xml:69
@@ -6421,6 +7164,8 @@ msgid ""
"ldap_id_mapping = False\n"
" "
msgstr ""
+"ldap_id_mapping = False\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:63
@@ -6431,11 +7176,18 @@ msgid ""
"rely on POSIX attributes defined in Active Directory, you should set "
"<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Dans son comportement par défaut, le fournisseur AD associera les valeurs "
+"UID et GID à partir du paramètre objectSID dans Active Directory. Pour plus "
+"d'informations sur le sujet, voir la section <quote>CORRESPONDANCES "
+"D'IDENTIFIANTS</quote> ci-dessous. Si vous souhaitez désactiver la "
+"correspondance d'ID et vous appuyer plutôt sur les attributs POSIX définis "
+"dans Active Directory, il faut définir <placeholder type=\"programlisting\" "
+"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:83
msgid "ad_domain (string)"
-msgstr ""
+msgstr "ad_domain (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:86
@@ -6443,6 +7195,8 @@ msgid ""
"Specifies the name of the Active Directory domain. This is optional. If not "
"provided, the configuration domain name is used."
msgstr ""
+"Spécifie le nom du domaine Active Directory. Ceci est optionnel. S'il n'est "
+"pas fourni, le nom de domaine de la configuration est utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:91
@@ -6450,11 +7204,13 @@ msgid ""
"For proper operation, this option should be specified as the lower-case "
"version of the long version of the Active Directory domain."
msgstr ""
+"Pour un fonctionnement correct, cette option doit être le nom long du "
+"domaine Active Directory, spécifié en minuscules."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:99
msgid "ad_server, ad_backup_server (string)"
-msgstr ""
+msgstr "ad_server, ad_backup_server (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:102
@@ -6465,11 +7221,18 @@ msgid ""
"This is optional if autodiscovery is enabled. For more information on "
"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
msgstr ""
+"La liste par ordre de préférence séparée par des virgules des adresses IP ou "
+"des noms de systèmes des serveurs AD auquel SSSD doit se connecter. Pour "
+"plus d'informations sur la redondance de serveurs et le basculement, "
+"consulter la section <quote>BASCULEMENT</quote>. Ceci est optionnel si la "
+"découverte automatique est activée. Pour plus d'informations sur la "
+"découverte de services, se reporter à la section de <quote>DÉCOUVERTE DE "
+"SERVICE</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:115
msgid "ad_hostname (string)"
-msgstr ""
+msgstr "ad_hostname (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:118
@@ -6478,6 +7241,9 @@ msgid ""
"fully qualified name used in the Active Directory domain to identify this "
"host."
msgstr ""
+"Facultatif. Peut être défini sur les machines où le hostname(5) ne reflète "
+"pas le nom pleinenent qualifié utilisé dans le domaine Active Directory pour "
+"identifier ce système."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:124
@@ -6485,6 +7251,9 @@ msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
+"Ce champ est utilisé pour déterminer le principal d'hôte utilisé dans un "
+"fichier keytab. Elle doit correspondre au nom du système pour lequel a été "
+"publié un fichier keytab."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
#: sssd-ad.5.xml:193
@@ -6493,17 +7262,22 @@ msgid ""
"fallback_homedir = /home/%u\n"
" "
msgstr ""
+"fallback_homedir = /home/%u\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
"This example shows only the AD provider-specific options."
msgstr ""
+"L'exemple suivant suppose que SSSD est correctement configuré et example.com "
+"est un des domaines de la section <replaceable>[sssd]</replaceable>. Ces "
+"exemples montrent seulement les options spécifiques au fournisseur AD."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6516,11 +7290,44 @@ msgid ""
"ad_hostname = client.example.com\n"
"ad_domain = example.com\n"
msgstr ""
+"[domain/EXAMPLE]\n"
+"id_provider = ad\n"
+"auth_provider = ad\n"
+"access_provider = ad\n"
+"chpass_provider = ad\n"
+"\n"
+"ad_server = dc1.example.com\n"
+"ad_hostname = client.example.com\n"
+"ad_domain = example.com\n"
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
-msgstr ""
+msgstr "sssd-sudo"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+#, fuzzy
+#| msgid "Configuring sudo to cooperate with SSSD"
+msgid "Configuring sudo with the SSSD back end"
+msgstr "Configuration de sudo pour coopérer avec SSSD"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
@@ -6530,11 +7337,16 @@ msgid ""
"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules."
msgstr ""
+"Cette page de manuel décrit comment configurer "
+"<citerefentry><refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> pour travailler avec <citerefentry><refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum></citerefentry> et comment SSSD met "
+"en cache les règles sudo."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:36
msgid "Configuring sudo to cooperate with SSSD"
-msgstr ""
+msgstr "Configuration de sudo pour coopérer avec SSSD"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:38
@@ -6544,6 +7356,10 @@ msgid ""
"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."
msgstr ""
+"Pour activer SSSD comme source pour les règles de sudo, ajouter "
+"<emphasis>sss</emphasis> à l'entrée <emphasis>sudoers</emphasis> dans "
+"<citerefentry><refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:47
@@ -6554,12 +7370,17 @@ msgid ""
"local users) and then in SSSD, the nsswitch.conf file should contain the "
"following line:"
msgstr ""
+"Par exemple, pour configurer sudo pour rechercher d'abord les règles dans le "
+"fichier standard <citerefentry><refentrytitle>sudoers</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> (qui doit contenir les règles qui "
+"s'appliquent aux utilisateurs locaux) et ensuite dans SSSD, le fichier "
+"nsswitch.conf doit contenir la ligne suivante :"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-sudo.5.xml:57
#, no-wrap
msgid "sudoers: files sss\n"
-msgstr ""
+msgstr "sudoers: files sss\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:61
@@ -6570,11 +7391,16 @@ msgid ""
"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </"
"citerefentry>."
msgstr ""
+"Plus d'informations sur la configuration de l'ordre de recherche de sudoers "
+"depuis le fichier nsswitch.conf, mais aussi les informations sur le schéma "
+"LDAP qui est utilisé pour stocker les règles sudo dans l'annuaire sont "
+"disponibles dans <citerefentry><refentrytitle>sudoers.ldap</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:72
msgid "Configuring SSSD to fetch sudo rules"
-msgstr ""
+msgstr "Configuration de SSSD pour aller chercher les règles de sudo"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:74
@@ -6582,6 +7408,8 @@ msgid ""
"The following example shows how to configure SSSD to download sudo rules "
"from an LDAP server."
msgstr ""
+"L'exemple suivant montre comment configurer SSSD pour télécharger les règles "
+"sudo à partir d'un serveur LDAP."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-sudo.5.xml:79
@@ -6598,6 +7426,16 @@ msgid ""
"ldap_uri = ldap://example.com\n"
"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
msgstr ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ldap\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:92
@@ -6608,6 +7446,11 @@ msgid ""
"server, because SSSD does not have native support of IPA provider for sudo "
"yet."
msgstr ""
+"L'exemple suivant illustre le paramétrage de SSSD pour télécharger les "
+"règles sudo depuis un serveur IPA. Il est nécessaire d'utiliser le "
+"fournisseur LDAP et de définir des paramètres de connexion appropriés afin "
+"de s'authentifier correctement sur le serveur IPA, car SSSD ne possède pas "
+"encore de prise en charge native du fournisseur sudo de IPA."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-sudo.5.xml:100
@@ -6632,11 +7475,29 @@ msgid ""
"ldap_sasl_realm = EXAMPLE.COM\n"
"krb5_server = ipa.example.com\n"
msgstr ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ipa\n"
+"ipa_domain = example.com\n"
+"ipa_server = ipa.example.com\n"
+"ldap_tls_cacert = /etc/ipa/ca.crt\n"
+"\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://ipa.example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
+"ldap_sasl_mech = GSSAPI\n"
+"ldap_sasl_authid = host/hostname.example.com\n"
+"ldap_sasl_realm = EXAMPLE.COM\n"
+"krb5_server = ipa.example.com\n"
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:123
msgid "The SUDO rule caching mechanism"
-msgstr ""
+msgstr "Le mécanisme de mise en cache de règles SUDO"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:125
@@ -6648,6 +7509,13 @@ msgid ""
"of updates. They are referred to as full refresh, smart refresh and rules "
"refresh."
msgstr ""
+"Le plus grand défi lors du développement de la prise en charge de sudo dans "
+"SSSD était de de s'assurer que l'utilisation d'un sudo exploitant SSSD comme "
+"source de données fournissait la même expérience utilisateur et était aussi "
+"rapide que sudo, tout en conservant le jeu de règles le plus à jour "
+"possible. Pour satisfaire ces exigences, SSSD utilise trois types de mises à "
+"jour. Elles sont appelées actualisation complète, rafraîchissement "
+"intelligent et rafraîchissement des règles."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:133
@@ -6657,6 +7525,11 @@ msgid ""
"database growing by fetching only small increments that do not generate "
"large amounts of network traffic."
msgstr ""
+"Le <emphasis>rafraîchissement intelligent</emphasis> télécharge "
+"périodiquement les règles qui sont nouvelles ou qui ont été modifiées après "
+"la dernière mise à jour. Son but premier est d'éviter à la base de données "
+"de grossir en allant chercher de petits incréments qui ne génèrent pas de "
+"gros de trafic réseau."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:139
@@ -6668,6 +7541,13 @@ msgid ""
"and thus it should be run only occasionally depending on the size and "
"stability of the sudo rules."
msgstr ""
+"Le <emphasis>rafracîchissement complèt</emphasis> supprime simplement toutes "
+"les règles sudo stockées dans le cache et les remplace par toutes les règles "
+"qui sont stockées sur le serveur. Ceci est utilisé pour assurer la cohérence "
+"de cache en supprimant toutes les règles qui ont été supprimées du serveur. "
+"Cependant, un rafraîchissement complet peut produire beaucoup de trafic et "
+"doit n'être exécuté qu'occasionnellement selon la taille et de la stabilité "
+"des règles sudo."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:147
@@ -6679,6 +7559,14 @@ msgid ""
"these rules are missing on the server, the SSSD will do an out of band full "
"refresh because more rules (that apply to other users) may have been deleted."
msgstr ""
+"Le <emphasis>rafraîchissement des règles</emphasis> fait en sorte de ne pas "
+"accorder à l'utilisateur plus d'autorisations que défini. Il est déclenché "
+"chaque fois que l'utilisateur exécute sudo. L'actualisation des règles "
+"trouvera toutes les règles qui s'appliquent à cet utilisateur, vérifie leur "
+"date d'expiration et les retéléchargera si elles ont expiré. Dans le cas où "
+"l'une de ces règles est manquante sur le serveur, SSSD programmera en "
+"parallèle un rafraîchissement complet hors ligne car d'autres règles "
+"(s'appliquant à d'autres utilisateurs) peuvent avoir été supprimées."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:156
@@ -6687,36 +7575,40 @@ msgid ""
"This means rules that contain one of the following values in "
"<emphasis>sudoHost</emphasis> attribute:"
msgstr ""
+"Si activé, SSSD stocke uniquement les règles qui peuvent être appliquées à "
+"cette machine. En d'autres termes, ce sont les règles qui contiennent une "
+"des valeurs suivantes dans l'attribut de <emphasis>sudoHost</emphasis> :"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:163
msgid "keyword ALL"
-msgstr ""
+msgstr "mot-clé ALL"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:173
msgid "netgroup (in the form \"+netgroup\")"
-msgstr ""
+msgstr "netgroup (sous la forme « +netgroup »)"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:178
msgid "hostname or fully qualified domain name of this machine"
msgstr ""
+"nom de système ou le nom de domaine pleinement qualifié de cette machine"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:183
msgid "one of the IP addresses of this machine"
-msgstr ""
+msgstr "une des adresses IP de cette machine"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:188
msgid "one of the IP addresses of the network (in the form \"address/mask\")"
-msgstr ""
+msgstr "une des adresses IP du réseau (sous la forme « adresse/masque »)"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:194
@@ -6727,6 +7619,12 @@ msgid ""
"citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</"
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
msgstr ""
+"Il existe de nombreuses options de configuration qui peuvent être utilisées "
+"pour ajuster le comportement. Consulter « ldap_sudo_ * » dans "
+"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> et « sudo_ * » dans "
+"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd.8.xml:10 sssd.8.xml:15
@@ -6759,13 +7657,13 @@ msgid ""
"extended user data."
msgstr ""
"<command>SSSD</command> fournit un jeu de démons pour gérer l'accès à des "
-"dossiers distants et des mécanismes d'authentification. Il fournit une "
-"interface NSS et PAM au travers du système et un moteur système intégré pour "
-"se connecter à de multiples comptes de source différente tout comme "
-"l'interface D-Bus. C'est aussi un moyen de fournir un audit client et une "
-"politique de services pour les projets tels que FreeIPA. Il fournit une base "
-"de donnée plus robuste pour stocker les utilisateurs locaux ainsi que les "
-"données des utilisateurs étendus."
+"dossiers distants et les mécanismes d'authentification. Il fournit une "
+"interface NSS et PAM au travers du système et un moteur système extensible "
+"par greffons pour se connecter à de multiples comptes de sources différentes "
+"en plus d'une interface D-Bus. C'est aussi un moyen de fournir un moyen "
+"d'audit client et une politique de services pour les projets tels que "
+"FreeIPA. Il fournit une base de donnée plus robuste pour stocker les "
+"utilisateurs locaux ainsi que les données étendues des utilisateurs."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:46
@@ -6826,7 +7724,7 @@ msgid ""
"files for every SSSD service and domain."
msgstr ""
"Envoie la sortie de débogage vers des fichiers plutôt que vers la sortie "
-"standard d'erreurs. Par défaut, les fichiers de sortie sont stockés dans "
+"d'erreur standard. Par défaut, les fichiers de sortie sont stockés dans "
"<filename>/var/log/sssd</filename> et des fichiers différents sont créés "
"pour chaque service et domaine SSSD."
@@ -6838,7 +7736,7 @@ msgstr "<option>-D</option>,<option>--daemon</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:101
msgid "Become a daemon after starting up."
-msgstr "Se transforme en démon au prochain redémarrage."
+msgstr "Devenir un démon après le démarrage."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:107 sss_seed.8.xml:136
@@ -6848,7 +7746,7 @@ msgstr "<option>-i</option>,<option>--interactive</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:111
msgid "Run in the foreground, don't become a daemon."
-msgstr "Tourne un avant-plan et ne devient pas un démon."
+msgstr "Tourner en avant-plan et ne pas devenir un démon."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:117 sss_debuglevel.8.xml:42
@@ -6863,21 +7761,21 @@ msgid ""
"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
"<manvolnum>5</manvolnum> </citerefentry> manual page."
msgstr ""
-"Définit un fichier de configuration pas par défaut. Par défaut c'est "
-"<filename>/etc/sssd/sssd.conf</filename>. Pour avoir des informations sur la "
-"syntaxe et les options du fichier de configuration, veuillez consulter les "
-"pages du manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
-"<manvolnum>5</manvolnum> </citerefentry>."
+"Définit un fichier de configuration autre que celui par défaut (<filename>/"
+"etc/sssd/sssd.conf</filename>). Pour obtenir des informations sur la syntaxe "
+"et les options du fichier de configuration, consulter les pages de manuel de "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:135
msgid "<option>--version</option>"
-msgstr ""
+msgstr "<option>--version</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sssd.8.xml:139
msgid "Print version number and exit."
-msgstr ""
+msgstr "Afficher le numéro de version et quitter."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd.8.xml:147
@@ -6895,8 +7793,8 @@ msgid ""
"Informs the SSSD to gracefully terminate all of its child processes and then "
"shut down the monitor."
msgstr ""
-"Indique à SSSD de fermer normalement tous ses processus fils et après "
-"d'éteindre le moniteur."
+"Indique à SSSD de fermer normalement tous ses processus fils puis d'arrêter "
+"le moniteur."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sssd.8.xml:159
@@ -6911,7 +7809,7 @@ msgid ""
"like logrotate."
msgstr ""
"Précise à SSSD de ne plus écrire vers son fichier de débogage actuel, de le "
-"fermer et de le rouvrir. Cela permet de faciliter les roulements de fichiers "
+"fermer et de le rouvrir. Cela permet de faciliter les rotations de fichiers "
"de sortie avec des programmes tels que logrotate."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
@@ -6950,7 +7848,7 @@ msgstr "sss_obfuscate"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_obfuscate.8.xml:16
msgid "obfuscate a clear text password"
-msgstr "masquer un mot de passe en texte plein"
+msgstr "obscurcir un mot de passe en clair"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_obfuscate.8.xml:21
@@ -6960,7 +7858,7 @@ msgid ""
"replaceable></arg>"
msgstr ""
"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</"
-"replaceable> </arg> <arg choice='plain'><replaceable>[MOT_DE_PASSE]</"
+"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</"
"replaceable></arg>"
#. type: Content of: <reference><refentry><refsect1><para>
@@ -6971,8 +7869,8 @@ msgid ""
"config file."
msgstr ""
"<command>sss_obfuscate</command> convertit un mot de passe donné en un "
-"format lisible et le place dans la section du domaine afférent au fichier de "
-"configuration SSSD."
+"format illisible par un humain et le place dans la section de domaine "
+"appropriée du fichier de configuration SSSD."
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_obfuscate.8.xml:37
@@ -7004,7 +7902,7 @@ msgid ""
msgstr ""
"Veuillez noter que les mots de passe chiffrés ne fournissent <emphasis>aucun "
"réel bénéfice de sécurité</emphasis> étant donné qu'il est possible de "
-"retrouver le mot de passe par ingénierie-inverse. utiliser un meilleur "
+"retrouver le mot de passe par ingénierie-inverse. Utiliser un meilleur "
"mécanisme d'authentification tel que les certificats côté client ou GSSAPI "
"est <emphasis>très</emphasis> conseillé."
@@ -7063,7 +7961,7 @@ msgstr "sss_useradd"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_useradd.8.xml:16
msgid "create a new user"
-msgstr "Créer un utilisateur"
+msgstr "créer un utilisateur"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_useradd.8.xml:21
@@ -7073,7 +7971,7 @@ msgid ""
"arg>"
msgstr ""
"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</"
-"replaceable> </arg> <arg choice='plain'><replaceable>NOM_D_UTILISATEUR</"
+"replaceable> </arg> <arg choice='plain'><replaceable>UTILISATEUR</"
"replaceable></arg>"
#. type: Content of: <reference><refentry><refsect1><para>
@@ -7126,8 +8024,8 @@ msgid ""
"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
"replaceable>"
msgstr ""
-"<option>-h</option>,<option>--home</option> "
-"<replaceable>RÉPERTOIRE_PERSONNEL</replaceable>"
+"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_useradd.8.xml:72
@@ -7139,18 +8037,17 @@ msgid ""
"baseDirectory</quote> setting in sssd.conf."
msgstr ""
"Le répertoire personnel du compte utilisateur. Par défaut, on ajoute "
-"<replaceable>NOM_D_UTILISATEUR</replaceable> à <filename>/home</filename> et "
-"on utilise cela comme dossier personnel. La base précédent "
-"<replaceable>NOM_D_UTILISATEUR</replaceable> est modifiable avec le "
-"paramètre <quote>user_defaults/baseDirectory</quote> dans sssd.conf."
+"<replaceable>LOGIN</replaceable> à <filename>/home</filename> et on utilise "
+"cela comme dossier personnel. La base précédent <replaceable>LOGIN</"
+"replaceable> est modifiable avec le paramètre <quote>user_defaults/"
+"baseDirectory</quote> de sssd.conf."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124
msgid ""
"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>"
msgstr ""
-"<option>-s</option>,<option>--shell</option> "
-"<replaceable>INTERPRÉTEUR_DE_COMMANDE</replaceable>"
+"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_useradd.8.xml:87
@@ -7159,9 +8056,9 @@ msgid ""
"filename>. The default can be changed with <quote>user_defaults/"
"defaultShell</quote> setting in sssd.conf."
msgstr ""
-"L'interpréteur de commande de l'utilisateur. Par défaut c'est actuellement "
-"<filename>/bin/bash</filename>. Cette valeur par défaut peut être modifiée "
-"avec le paramètre <quote>user_defaults/defaultShell</quote> dans sssd.conf."
+"L'interpréteur de commande de l'utilisateur. La valeur par défaut actuelle, "
+"<filename>/bin/bash</filename>, peut être modifiée avec le paramètre "
+"<quote>user_defaults/defaultShell</quote> dans sssd.conf."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:96
@@ -7175,7 +8072,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_useradd.8.xml:101
msgid "A list of existing groups this user is also a member of."
-msgstr "Une liste de groupes existants dont l'utilisateur est aussi un membre."
+msgstr "Une liste de groupes existants dont l'utilisateur est aussi membre."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:107
@@ -7189,10 +8086,10 @@ msgid ""
"directories contained in the skeleton directory (which can be defined with "
"the -k option or in the config file) will be copied to the home directory."
msgstr ""
-"Crée le répertoire personne de l'utilisateur s'il n'existe pas. Les fichiers "
-"et répertoires inclus dans le répertoire squelette (pouvant être définit "
-"avec l'option -k ou dans le fichier de configuration) sont copiés dans le "
-"dossier personnel."
+"Crée le répertoire personnel de l'utilisateur s'il n'existe pas. Les "
+"fichiers et répertoires inclus dans le répertoire squelette (pouvant être "
+"définis avec l'option -k ou dans le fichier de configuration) sont copiés "
+"dans le dossier personnel."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:121
@@ -7213,8 +8110,8 @@ msgid ""
"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
"replaceable>"
msgstr ""
-"<option>-k</option>,<option>--skel</option> "
-"<replaceable>RÉPERTOIRE_SQUELETTE</replaceable>"
+"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_useradd.8.xml:137
@@ -7236,7 +8133,7 @@ msgid ""
msgstr ""
"L'option n'est valide que si l'option <option>-m</option> (ou <option>--"
"create-home</option>) est utilisée ou si la création de répertoires "
-"personnels est sur VRAI dans la configuration."
+"personnels est à TRUE dans la configuration."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_useradd.8.xml:152 sss_usermod.8.xml:124
@@ -7311,12 +8208,12 @@ msgstr ""
"Le moteur d'authentification Kerberos 5 contient les fournisseurs "
"d'autentification et de changement de mot de passe. Il doit être couplé avec "
"un fournisseur d'identité de manière à fonctionner proprement (par exemple, "
-"id_provider = ldap). Quelques informations requises par le moteur "
-"d'authentification Kerberos 5 doit être fournit par le fournisseur "
-"d'identité, telles que le nom principal de l'utilisateur Kerberos (UPN). La "
-"configuration du fournisseur d'identité doit avoir une entrée pour spécifier "
-"l'UPN. Veuillez vous référer aux pages du manuel du fournisseur d'identité "
-"ad-hoc pour pouvoir le configurer."
+"id_provider = ldap). Certaines informations requises par le moteur "
+"d'authentification Kerberos 5 doivent être fournies par le fournisseur "
+"d'identité, telles que le nom du principal de l'utilisateur Kerberos (UPN). "
+"La configuration du fournisseur d'identité doit avoir une entrée pour "
+"spécifier l'UPN. Veuillez vous référer aux pages du manuel du fournisseur "
+"d'identité ad-hoc pour pouvoir le configurer."
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:47
@@ -7340,7 +8237,7 @@ msgstr ""
"répertoire personnel de l'utilisateur. Voir <citerefentry> <refentrytitle>."
"k5login</refentrytitle><manvolnum>5</manvolnum> </citerefentry> pour plus de "
"détails. Veuillez noter qu'un fichier .k5login vide interdira tout accès "
-"pour cet utilisateur. Pour activer cette option, utilisez « access_provider "
+"pour cet utilisateur. Pour activer cette option, utiliser « access_provider "
"= krb5 » dans votre configuration de sssd."
#. type: Content of: <reference><refentry><refsect1><para>
@@ -7355,12 +8252,21 @@ msgid ""
"<command>sssd</command> will construct a UPN using the format "
"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
msgstr ""
-"Dans le cas où l'UPN n'est pas valide dans le moteur d'identité "
+"Dans le cas où l'UPN n'est pas valide dans le moteur d'identité, "
"<command>sssd</command> construira un UPN en utilisant le format "
"<replaceable>utilisateur</replaceable>@<replaceable>krb5_realm</replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:77
+#, fuzzy
+#| msgid ""
+#| "Specifies the comma-separated list of IP addresses or hostnames of the "
+#| "Kerberos servers to which SSSD should connect in the order of preference. "
+#| "For more information on failover and server redundancy, see the "
+#| "<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+#| "colon) may be appended to the addresses or hostnames. If empty, service "
+#| "discovery is enabled - for more information, refer to the <quote>SERVICE "
+#| "DISCOVERY</quote> section."
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect, in the order of preference. "
@@ -7370,6 +8276,14 @@ msgid ""
"discovery is enabled; for more information, refer to the <quote>SERVICE "
"DISCOVERY</quote> section."
msgstr ""
+"Spécifie par ordre de préférence la liste séparée par des virgules des "
+"adresses IP ou des noms de systèmes des serveurs Kerberos auquel SSSD doit "
+"se connecter. Pour plus d'informations sur la redondance de basculement et "
+"le serveur, consulter la section <quote>BASCULEMENT</quote>. Un numéro de "
+"port facultatif (précédé de deux-points) peut être ajouté aux adresses ou "
+"aux noms de systèmes. Si vide, la découverte de services est activée - pour "
+"plus d'informations, se reporter à la section de <quote>DÉCOUVERTE DE "
+"SERVICES</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:106
@@ -7383,7 +8297,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:113
msgid "krb5_kpasswd, krb5_backup_kpasswd (string)"
-msgstr ""
+msgstr "krb5_kpasswd, krb5_backup_kpasswd (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:116
@@ -7451,14 +8365,14 @@ msgid ""
"<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
"</citerefentry> for details) is created."
msgstr ""
-"Répertoire pour stocker les caches crédits. Toutes les séquences de "
-"substitution de krb5_ccname_template peut être utilisée ici, aussi, hormis "
-"%d et %P. Si le dossier n'existe pas il sera créé. Si %u, %U, %p ou %h sont "
-"utilisés un répertoire privé appartenant à l'utilisateur est créé. Sinon un "
-"répertoire public avec un drapeau de restriction à la suppression (aussi "
-"appelé « sticky bit », voir <citerefentry> <refentrytitle>chmod</"
-"refentrytitle> <manvolnum>1</manvolnum> </citerefentry> pour plus de "
-"détails) est créé."
+"Répertoire pour stocker les caches de données d'identification. Toutes les "
+"séquences de substitution de krb5_ccname_template peuvent aussi être "
+"utilisées ici, hormis %d et %P. Le dossier sera créé s'il n'existe pas. Si "
+"%u, %U, %p ou %h sont utilisés, un répertoire privé appartenant à "
+"l'utilisateur est créé. Sinon un répertoire public avec un drapeau de "
+"restriction à la suppression (aussi appelé « sticky bit », voir "
+"<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
+"</citerefentry> pour plus de détails) est créé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:152
@@ -7473,7 +8387,7 @@ msgstr "krb5_ccname_template (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:174
msgid "login UID"
-msgstr "identifiant UID"
+msgstr "UID de l'utilisateur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:177
@@ -7483,7 +8397,7 @@ msgstr "%p"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:178
msgid "principal name"
-msgstr "nom principal"
+msgstr "nom du principal"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:182
@@ -7524,6 +8438,15 @@ msgstr "l'ID de processus du client sssd"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:161
+#, fuzzy
+#| msgid ""
+#| "Location of the user's credential cache. Two credential cache types are "
+#| "currently supported - <quote>FILE</quote> and <quote>DIR</quote>. The "
+#| "cache can either be specified as <replaceable>TYPE:RESIDUAL</"
+#| "replaceable>, or an absolute path, which implies the <quote>FILE</quote> "
+#| "type. In the template the following sequences are substituted: "
+#| "<placeholder type=\"variablelist\" id=\"0\"/> If the template ends with "
+#| "'XXXXXX' mkstemp(3) is used to create a unique filename in a safe way."
msgid ""
"Location of the user's credential cache. Two credential cache types are "
"currently supported: <quote>FILE</quote> and <quote>DIR</quote>. The cache "
@@ -7533,6 +8456,14 @@ msgid ""
"\"variablelist\" id=\"0\"/> If the template ends with 'XXXXXX' mkstemp(3) is "
"used to create a unique filename in a safe way."
msgstr ""
+"Emplacement du cache d'informations d'identification de l'utilisateur. Deux "
+"types de cache sont actuellement pris en charge - <quote>FILE</quote> et "
+"<quote>DIR</quote>. Le cache peut soit être spécifié comme <replaceable>TYPE:"
+"RESIDUAL</replaceable>, ou un chemin d'accès absolu, ce qui implique le type "
+"<quote>FILE</quote>. Dans le modèle, les séquences suivantes sont "
+"substituées : <placeholder type=\"variablelist\" id=\"0\"/>. Si le modèle se "
+"termine par « XXXXXX », mkstemp (3) est utilisé pour créer un nom de fichier "
+"unique en toute sécurité."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:212
@@ -7556,8 +8487,8 @@ msgid ""
"request is aborted. If possible, the authentication request is continued "
"offline."
msgstr ""
-"Délai d'attente, en secondes, après une requête d'authentification en ligne "
-"ou de changement de mot de passe annulé. Si possible la requête "
+"Délai d'attente, en secondes, après l'échec d'une requête d'authentification "
+"ou de changement de mot de passe en ligne. Si cela est possible, la requête "
"d'authentification sera effectuée hors-ligne."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -7582,8 +8513,8 @@ msgid ""
"The location of the keytab to use when validating credentials obtained from "
"KDCs."
msgstr ""
-"L'emplacement du fichier keytab à utiliser pour valider les crédits obtenus "
-"à partir de KDC."
+"L'emplacement du fichier keytab à utiliser pour valider les données "
+"d'identification obtenues à partir de KDC."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:257
@@ -7610,11 +8541,21 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:271
+#, fuzzy
+#| msgid ""
+#| "Please note that this feature currently only available on a Linux "
+#| "platform. Passwords stored in this way are kept in plaintext in the "
+#| "kernel keyring and are potentially accessible by the root user (with "
+#| "difficulty)."
msgid ""
"NOTE: this feature is only available on Linux. Passwords stored in this way "
"are kept in plaintext in the kernel keyring and are potentially accessible "
"by the root user (with difficulty)."
msgstr ""
+"Veuillez noter que cette fonctionnalité n'est actuellement disponible que "
+"sur les plates-formes Linux. Les mots de passe stockés de cette manière sont "
+"conservés en texte brut dans le trousseau de clés du noyau et sont "
+"potentiellement accessibles à l'utilisateur root (avec difficulté)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:284
@@ -7631,7 +8572,7 @@ msgid ""
"Request a renewable ticket with a total lifetime, given as an integer "
"immediately followed by a time unit:"
msgstr ""
-"Demande un ticket renouvelable avec un temps de vie total donné par un "
+"Demande un ticket renouvelable avec une durée de vie totale donnée par un "
"entier immédiatement suivi par un des séparateurs suivants :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -7706,8 +8647,8 @@ msgid ""
"Request ticket with a with a lifetime, given as an integer immediately "
"followed by a time unit:"
msgstr ""
-"Demande un ticket avec un temps de vie donné par un entier immédiatement "
-"suivi par un des séparateurs suivant :"
+"Demande un ticket avec une durée de vie donnée par un entier immédiatement "
+"suivi par un des séparateurs suivants :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:338
@@ -7728,7 +8669,7 @@ msgid ""
"half hours please use '90m' instead of '1h30m'."
msgstr ""
"Veuillez noter qu'on ne peut pas mélanger les unités. Si vous voulez définir "
-"un temps de vie de une heure et demi, veuillez utilisere « 90m » au lieu de "
+"une durée de vie de une heure et demi, veuillez utiliser « 90m » au lieu de "
"« 1h30 »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -7736,7 +8677,7 @@ msgstr ""
msgid ""
"Default: not set, i.e. the default ticket lifetime configured on the KDC."
msgstr ""
-"Par défaut : non définit, c'est-à-dire le temps de vie par défaut configuré "
+"Par défaut : non défini, c'est-à-dire la durée de vie par défaut configurée "
"dans le KDC."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
@@ -7751,8 +8692,8 @@ msgid ""
"are renewed if about half of their lifetime is exceeded."
msgstr ""
"Le temps, en secondes, entre deux vérifications pour savoir si le TGT doit "
-"être renouvellé. Les TGT sont renouvellés si environ la moitié de leur temps "
-"de vie est dépassé."
+"être renouvelé. Les TGT sont renouvelés si environ la moitié de leur durée "
+"de vie est dépassée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:362
@@ -7760,8 +8701,8 @@ msgstr ""
#| msgid "If this option is not set or 0 the automatic renewal is disabled."
msgid "If this option is not set or is 0 the automatic renewal is disabled."
msgstr ""
-"Si cette option n'est pas définie ou mise à zéro le renouvellement "
-"automatique est désactivé."
+"Si cette option n'est pas définie ou mise à 0, le renouvellement automatique "
+"est désactivé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:372
@@ -7774,7 +8715,7 @@ msgid ""
"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
"authentication. The following options are supported:"
msgstr ""
-"Active leflexible authentication secure tunneling (FAST) pour la pré-"
+"Active le flexible authentication secure tunneling (FAST) pour la pré-"
"authentification Kerberos. Les options suivantes sont supportées :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -7826,17 +8767,24 @@ msgstr "Par défaut : non défini, i.e. FAST n'est pas utilisé."
#, fuzzy
#| msgid "Please note that a keytab is required to use fast."
msgid "NOTE: a keytab is required to use FAST."
-msgstr ""
-"Veuillez prendre note que le fichier keytab est nécessaire pour utiliser "
-"FAST."
+msgstr "Noter que le fichier keytab est requis pour pouvoir utiliser FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:400
+#, fuzzy
+#| msgid ""
+#| "Please note also that sssd supports fast only with MIT Kerberos version "
+#| "1.8 and above. If sssd used with an older version using this option is a "
+#| "configuration error."
msgid ""
"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
"SSSD is used with an older version of MIT Kerberos, using this option is a "
"configuration error."
msgstr ""
+"Veuillez noter que sssd prend également en charge le paramètre fast "
+"uniquement avec MIT Kerberos version 1.8 et au-delà. L'utilisation de sssd "
+"avec une version antérieure avec cette option est une erreur de "
+"configuration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:409
@@ -7850,19 +8798,27 @@ msgstr "Spécifie le serveur principal pour utiliser FAST."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:421
+#, fuzzy
+#| msgid ""
+#| "Specifies if the host and user principal should be canonicalized. This "
+#| "feature is available with MIT Kerberos >= 1.7"
msgid ""
"Specifies if the host and user principal should be canonicalized. This "
"feature is available with MIT Kerberos 1.7 and later versions."
msgstr ""
+"Spécifie si les principaux du système et de l'utilisateur doivent être "
+"rendus canoniques. Cette fonctionnalité est disponible avec MIT Kerberos >= "
+"1.7"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
#, fuzzy
#| msgid ""
-#| "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
-#| "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
-#| "citerefentry> manual page for details on the configuration of an SSSD "
-#| "domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+#| "If the auth-module krb5 is used in a SSSD domain, the following options "
+#| "must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
+#| "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, "
+#| "section <quote>DOMAIN SECTIONS</quote> for details on the configuration "
+#| "of a SSSD domain. <placeholder type=\"variablelist\" id=\"0\"/>"
msgid ""
"If the auth-module krb5 is used in an SSSD domain, the following options "
"must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
@@ -7870,29 +8826,31 @@ msgid ""
"<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD "
"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
-"Veuillez vous référer à la section <quote>SECTIONS DE DOMAINE</quote> du "
-"manuel de <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
-"<manvolnum>5</manvolnum> </citerefentry> pour les détails sur la "
-"configuration du domaine SSSD. <placeholder type=\"variablelist\" id=\"0\"/>"
+"Si le module d'authentifcation krb5 est utilisé dans un domaine SSSD, les "
+"options suivantes doivent être utilisées. Cf. la page de manuel "
+"<citerefentry><refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>, section <quote>SECTIONS DOMAINE</quote> pour plus "
+"de détails sur la configuration d'un domaine SSSD. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:443
#, fuzzy
#| msgid ""
-#| "The following example assumes that SSSD is correctly configured and "
-#| "example.com is one of the domains in the <replaceable>[sssd]</"
-#| "replaceable> section. This examples shows only the simple access provider-"
-#| "specific options."
+#| "The following example assumes that SSSD is correctly configured and FOO "
+#| "is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+#| "This example shows only configuration of Kerberos authentication, it does "
+#| "not include any identity provider."
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
"example shows only configuration of Kerberos authentication; it does not "
"include any identity provider."
msgstr ""
-"L'exemple suivant suppose que SSSD est correctement configuré et exemple.com "
-"est un des domaines dans la section <replaceable>[sssd]</replaceable>. Ces "
-"exemples montrent seulement les options du simple fournisseur d'accès "
-"spécifique."
+"L'exemple suivant suppose que SSSD est correctement configuré et que FOO est "
+"l'un des domaines dans la section <replaceable>[sssd]</replaceable>. Cet "
+"exemple montre uniquement la configuration de l'authentification Kerberos, "
+"et n'inclut pas une autre fournisseur d'identité."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sssd-krb5.5.xml:451
@@ -7906,7 +8864,7 @@ msgstr ""
" [domain/FOO]\n"
" auth_provider = krb5\n"
" krb5_server = 192.168.1.1\n"
-" krb5_realm = EXEMPLE.COM\n"
+" krb5_realm = EXAMPLE.COM\n"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15
@@ -7936,6 +8894,9 @@ msgid ""
"compatible with POSIX groups, with the additional feature that they can "
"contain other groups as members."
msgstr ""
+"<command>sss_groupadd</command> crée un nouveau groupe. Ces groupes sont "
+"compatibles avec les groupes POSIX, avec la caractéristique supplémentaire "
+"qu'ils peuvent contenir d'autres groupes comme membres."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_groupadd.8.xml:43 sss_seed.8.xml:88
@@ -7950,6 +8911,8 @@ msgid ""
"Set the GID of the group to the value of <replaceable>GID</replaceable>. If "
"not given, it is chosen automatically."
msgstr ""
+"Positionne le GID du groupe à la valeur <replaceable>GID</replaceable>. Si "
+"non spécifié, il est choisi automatiquement."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
@@ -7978,6 +8941,8 @@ msgid ""
"<command>sss_userdel</command> deletes a user identified by login name "
"<replaceable>LOGIN</replaceable> from the system."
msgstr ""
+"<command>sss_userdel</command> supprime du système un utilisateur identifié "
+"par son identifiant de connexion <replaceable>LOGIN</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_userdel.8.xml:44
@@ -7990,6 +8955,8 @@ msgid ""
"Files in the user's home directory will be removed along with the home "
"directory itself and the user's mail spool. Overrides the configuration."
msgstr ""
+"Les fichiers dans le répertoire ainsi que le répertoire lui-même de "
+"l'utilisateur et sa messagerie seront supprimés. Outrepasse la configuration."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_userdel.8.xml:56
@@ -8002,6 +8969,9 @@ msgid ""
"Files in the user's home directory will NOT be removed along with the home "
"directory itself and the user's mail spool. Overrides the configuration."
msgstr ""
+"Les fichiers dans le répertoire ainsi que le répertoire lui-même de "
+"l'utilisateur et sa messagerie ne seront PAS supprimés. Outrepasse la "
+"configuration."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_userdel.8.xml:68
@@ -8014,6 +8984,9 @@ msgid ""
"This option forces <command>sss_userdel</command> to remove the user's home "
"directory and mail spool, even if they are not owned by the specified user."
msgstr ""
+"Cette option oblige <command>sss_userdel</command> à supprimer le répertoire "
+"home de l'utilisateur et sa messagerie, même si ils ne sont pas détenus par "
+"l'utilisateur spécifié."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_userdel.8.xml:80
@@ -8024,6 +8997,7 @@ msgstr "<option>-k</option>,<option>--kick</option>"
#: sss_userdel.8.xml:84
msgid "Before actually deleting the user, terminate all his processes."
msgstr ""
+"Avant de réellement supprimer l'utilisateur, mettre fin à tous ses processus."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15
@@ -8052,6 +9026,8 @@ msgid ""
"<command>sss_groupdel</command> deletes a group identified by its name "
"<replaceable>GROUP</replaceable> from the system."
msgstr ""
+"<command>sss_groupdel</command> supprime du système un groupe identifié par "
+"son nom de groupe <replaceable>GROUPE</replaceable>."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
@@ -8061,7 +9037,7 @@ msgstr "sss_groupshow"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_groupshow.8.xml:16
msgid "print properties of a group"
-msgstr "affiche les propriétés du groupe"
+msgstr "affiche les propriétés d'un groupe"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_groupshow.8.xml:21
@@ -8071,7 +9047,7 @@ msgid ""
"arg>"
msgstr ""
"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</"
-"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUPE</replaceable></"
"arg>"
#. type: Content of: <reference><refentry><refsect1><para>
@@ -8081,6 +9057,9 @@ msgid ""
"identified by its name <replaceable>GROUP</replaceable>. The information "
"includes the group ID number, members of the group and the parent group."
msgstr ""
+"<command>sss_groupshow</command> affiche des informations sur un groupe "
+"identifié par son nom <replaceable>GROUPE</replaceable>. Les informations "
+"incluent l'ID de groupe, les membres du groupe ainsi que le groupe parent."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_groupshow.8.xml:43
@@ -8094,6 +9073,10 @@ msgid ""
"also affects printing parent groups - without <option>R</option>, only the "
"direct parent will be printed."
msgstr ""
+"Affiche aussi les membres indirects de groupe dans une hiérarchie "
+"arborescente. Noter que cela affecte également les affichages de groupes "
+"parents - sans l'option <option>R</option>, seul le parent direct sera "
+"affiché."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
@@ -8123,7 +9106,7 @@ msgid ""
"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
"on the command line."
msgstr ""
-"<command>sss_usermod</command> modifie le compte définit par "
+"<command>sss_usermod</command> modifie le compte défini par "
"<replaceable>LOGIN</replaceable> pour refléter les modifications fournies en "
"ligne de commande."
@@ -8144,6 +9127,9 @@ msgid ""
"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
"a comma separated list of group names."
msgstr ""
+"Ajouter cet utilisateur aux groupes spécifiés par le paramètre "
+"<replaceable>GROUPS</replaceable>. Le paramètre <replaceable>GROUPS</"
+"replaceable> est une liste séparée par des virgules de noms de groupes."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:96
@@ -8151,6 +9137,8 @@ msgid ""
"Remove this user from groups specified by the <replaceable>GROUPS</"
"replaceable> parameter."
msgstr ""
+"Retirer cet utilisateur de groupes spécifiés par le paramètre "
+"<replaceable>GROUPS</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_usermod.8.xml:103
@@ -8160,7 +9148,7 @@ msgstr "<option>-l</option>,<option>--lock</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:107
msgid "Lock the user account. The user won't be able to log in."
-msgstr "Bloquer le compte utilisateur. Il ne pourra plus se connecter."
+msgstr "Verrouiller le compte utilisateur. Il ne pourra plus se connecter."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_usermod.8.xml:114
@@ -8170,22 +9158,23 @@ msgstr "<option>-u</option>,<option>--unlock</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:118
msgid "Unlock the user account."
-msgstr "Débloquer le compte utilisateur."
+msgstr "Déverrouiller le compte utilisateur."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_usermod.8.xml:129
msgid "The SELinux user for the user's login."
-msgstr "L'utilisateur SELinux pour la connexion utilisateur."
+msgstr ""
+"L'utilisateur SELinux pour l'identifiant de connexion de l'utilisateur."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_cache.8.xml:10 sss_cache.8.xml:15
msgid "sss_cache"
-msgstr ""
+msgstr "sss_cache"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_cache.8.xml:16
msgid "perform cache cleanup"
-msgstr ""
+msgstr "effectue le nettoyage du cache"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_cache.8.xml:21
@@ -8193,6 +9182,8 @@ msgid ""
"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
"replaceable> </arg>"
msgstr ""
+"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_cache.8.xml:31
@@ -8201,22 +9192,26 @@ msgid ""
"records are forced to be reloaded from server as soon as related SSSD "
"backend is online."
msgstr ""
+"<command>sss_cache</command> invalide les enregistrements en cache de SSSD. "
+"Les documents invalidés sont obligés d'être rechargés à partir de leur "
+"serveur d'origine dès que le moteur SSSD redevient disponible en ligne."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:42
msgid ""
"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
msgstr ""
+"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:47
msgid "Invalidate specific user."
-msgstr ""
+msgstr "Invalider un utilisateur spécifique."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:53
msgid "<option>-U</option>,<option>--users</option>"
-msgstr ""
+msgstr "<option>-U</option>,<option>--users</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:57
@@ -8224,22 +9219,26 @@ msgid ""
"Invalidate all user records. This option overrides invalidation of specific "
"user if it was also set."
msgstr ""
+"L'annulation de tous les enregistrements d'utilisateur. Cette option prend "
+"le pas sur l'invalidation d'un utilisateur spécifique, si elle a été "
+"également configuré."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:64
msgid ""
"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
msgstr ""
+"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:69
msgid "Invalidate specific group."
-msgstr ""
+msgstr "L'annulation de groupe spécifique."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:75
msgid "<option>-G</option>,<option>--groups</option>"
-msgstr ""
+msgstr "<option>-G</option>,<option>--groups</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:79
@@ -8247,6 +9246,9 @@ msgid ""
"Invalidate all group records. This option overrides invalidation of specific "
"group if it was also set."
msgstr ""
+"L'annulation de tous les enregistrements de groupe. Cette option prend le "
+"pas sur l'invalidation d'un groupe spécifique si elle a été également "
+"définie."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:86
@@ -8254,16 +9256,18 @@ msgid ""
"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
"replaceable>"
msgstr ""
+"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:91
msgid "Invalidate specific netgroup."
-msgstr ""
+msgstr "Invalide un netgroup spécifique."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:97
msgid "<option>-N</option>,<option>--netgroups</option>"
-msgstr ""
+msgstr "<option>-N</option>,<option>--netgroups</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:101
@@ -8271,6 +9275,8 @@ msgid ""
"Invalidate all netgroup records. This option overrides invalidation of "
"specific netgroup if it was also set."
msgstr ""
+"Invalider tous les enregistrements de netgroup. Cette option prend le pas "
+"sur l'invalidation de netgroup spécifiques s'il a été également définie."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:108
@@ -8278,16 +9284,18 @@ msgid ""
"<option>-s</option>,<option>--service</option> <replaceable>service</"
"replaceable>"
msgstr ""
+"<option>-s</option>,<option>--service</option> <replaceable>service</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:113
msgid "Invalidate specific service."
-msgstr ""
+msgstr "Invalider le service spécifique."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:119
msgid "<option>-S</option>,<option>--services</option>"
-msgstr ""
+msgstr "<option>-S</option>,<option>--services</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:123
@@ -8295,6 +9303,8 @@ msgid ""
"Invalidate all service records. This option overrides invalidation of "
"specific service if it was also set."
msgstr ""
+"Invalider tous les enregistrements de service. Cette option se substitue à "
+"l'invalidation de service spécifique s'elle a également été définie."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:130
@@ -8302,16 +9312,18 @@ msgid ""
"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
"replaceable>"
msgstr ""
+"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:135
msgid "Invalidate specific autofs maps."
-msgstr ""
+msgstr "Invalider des cartes autofs spécifiques."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:141
msgid "<option>-A</option>,<option>--autofs-maps</option>"
-msgstr ""
+msgstr "<option>-A</option>,<option>--autofs-maps</option>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:145
@@ -8319,6 +9331,8 @@ msgid ""
"Invalidate all autofs maps. This option overrides invalidation of specific "
"map if it was also set."
msgstr ""
+"Invalider toutes les cartes autofs. Cette option remplace l'invalidation de "
+"carte spécifique s'elle a également été définie."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_cache.8.xml:152
@@ -8326,21 +9340,23 @@ msgid ""
"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
"replaceable>"
msgstr ""
+"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_cache.8.xml:157
msgid "Restrict invalidation process only to a particular domain."
-msgstr ""
+msgstr "Restreindre le processus d'invalidation à un domaine particulier."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15
msgid "sss_debuglevel"
-msgstr ""
+msgstr "sss_debuglevel"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_debuglevel.8.xml:16
msgid "change debug level while SSSD is running"
-msgstr ""
+msgstr "modifie le niveau de débogage pendant l'exécution de SSSD"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_debuglevel.8.xml:21
@@ -8349,6 +9365,9 @@ msgid ""
"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
"replaceable></arg>"
msgstr ""
+"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
+"replaceable></arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_debuglevel.8.xml:32
@@ -8357,21 +9376,24 @@ msgid ""
"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is "
"running."
msgstr ""
+"<command>sss_debuglevel</command> positionne le niveau de débogage du "
+"moniteur et des fournisseurs SSSD à <replaceable>NEW_DEBUG_LEVEL</"
+"replaceable> pendant l'exécution de SSSD."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_debuglevel.8.xml:59
msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
-msgstr ""
+msgstr "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_seed.8.xml:10 sss_seed.8.xml:15
msgid "sss_seed"
-msgstr ""
+msgstr "sss_seed"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_seed.8.xml:16
msgid "seed the SSSD cache with a user"
-msgstr ""
+msgstr "initialise le cache SSSD avec un utilisateur"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_seed.8.xml:21
@@ -8381,6 +9403,10 @@ msgid ""
"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
"arg>"
msgstr ""
+"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
+"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
+"arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_seed.8.xml:33
@@ -8389,6 +9415,10 @@ msgid ""
"temporary password. If a user entry is already present in the SSSD cache "
"then the entry is updated with the temporary password."
msgstr ""
+"<command>sss_seed</command> initialise le cache SSSD avec une entrée "
+"d'utilisateur et le mot de passe temporaire. Si une entrée d'utilisateur est "
+"déjà présente dans le cache de SSSD, l'entrée est mise à jour avec le mot de "
+"passe temporaire."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:46
@@ -8396,6 +9426,8 @@ msgid ""
"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
"replaceable>"
msgstr ""
+"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:51
@@ -8406,6 +9438,11 @@ msgid ""
"Information retrieved from the domain overrides what is provided in the "
"options."
msgstr ""
+"Indique le nom de domaine duquel l'utilisateur est membre. Le domaine est "
+"également utilisé pour récupérer les informations sur l'utilisateur. Le "
+"domaine doit être configuré dans sssd.conf. L'option <replaceable>DOMAIN</"
+"replaceable> doit être fournie. Les informations récupérées depuis le "
+"domaine prennent le pas sur ce qui est fourni dans les options."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:63
@@ -8413,6 +9450,8 @@ msgid ""
"<option>-n</option>,<option>--username</option> <replaceable>USER</"
"replaceable>"
msgstr ""
+"<option>-n</option>,<option>--username</option> <replaceable>USER</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:68
@@ -8420,27 +9459,32 @@ msgid ""
"The username of the entry to be created or modified in the cache. The "
"<replaceable>USER</replaceable> option must be provided."
msgstr ""
+"Le nom d'utilisateur de l'entrée devant être créée ou modifiée dans le "
+"cache. L'option <replaceable>USER</replaceable> doit être fournie."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:81
msgid "Set the UID of the user to <replaceable>UID</replaceable>."
-msgstr ""
+msgstr "Définit l'UID de l'utilisateur à <replaceable>UID</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:93
msgid "Set the GID of the user to <replaceable>GID</replaceable>."
-msgstr ""
+msgstr "Définit le GID de l'utilisateur à <replaceable>GID</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:117
msgid ""
"Set the home directory of the user to <replaceable>HOME_DIR</replaceable>."
msgstr ""
+"Définit le répertoire de l'utilisateur à <replaceable>HOME_DIR</replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:129
msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>."
msgstr ""
+"Définit l'interpréteur de commande de l'utilisateur à <replaceable>SHELL</"
+"replaceable>."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:140
@@ -8448,6 +9492,9 @@ msgid ""
"Interactive mode for entering user information. This option will only prompt "
"for information not provided in the options or retrieved from the domain."
msgstr ""
+"Mode interactif pour la saisie des informations de l'utilisateur. Cette "
+"option invite uniquement à la saisir des renseignements non fournis dans les "
+"options ou non récupérés à partir du domaine."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_seed.8.xml:148
@@ -8455,6 +9502,8 @@ msgid ""
"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
"replaceable>"
msgstr ""
+"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
+"replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_seed.8.xml:153
@@ -8462,6 +9511,8 @@ msgid ""
"Specify file to read user's password from. (if not specified password is "
"prompted for)"
msgstr ""
+"Spécifie le fichier dans lequel lire le mot de passe de l'utilisateur. (si "
+"aucun mot de passe n'est spécifié, il sera demandé)"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_seed.8.xml:165
@@ -8470,21 +9521,24 @@ msgid ""
"password-file option) must be less than or equal to PASS_MAX bytes (64 bytes "
"on systems with no globally-defined PASS_MAX value)."
msgstr ""
+"La taille du mot de passe (ou la taille du fichier spécifié avec l'option -p "
+"ou --password-file) doit être inférieure ou égale à PASS_MAX octets (64 "
+"octets sur les systèmes sans valeur globale définie de PASS_MAX)."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
msgid "sss_ssh_authorizedkeys"
-msgstr ""
+msgstr "sss_ssh_authorizedkeys"
#. type: Content of: <reference><refentry><refmeta><manvolnum>
#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11
msgid "1"
-msgstr ""
+msgstr "1"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_ssh_authorizedkeys.1.xml:16
msgid "get OpenSSH authorized keys"
-msgstr ""
+msgstr "obtient les clés OpenSSH autorisées"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_ssh_authorizedkeys.1.xml:21
@@ -8493,6 +9547,9 @@ msgid ""
"<replaceable>options</replaceable> </arg> <arg "
"choice='plain'><replaceable>USER</replaceable></arg>"
msgstr ""
+"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>USER</replaceable></arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:32
@@ -8503,6 +9560,11 @@ msgid ""
"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
"citerefentry> for more information)."
msgstr ""
+"<command>sss_ssh_authorizedkeys</command> acquiert les clés publiques SSH "
+"pour <replaceable>USER</replaceable> et les renvoie dans le format "
+"authorized_keys de OpenSSH (cf. la section <quote>FORMAT DE FICHIER "
+"AUTHORIZED_KEYS</quote> de <citerefentry><refentrytitle>sshd</refentrytitle> "
+"<manvolnum>8</manvolnum></citerefentry> pour plus d'informations)."
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:41
@@ -8514,12 +9576,19 @@ msgid ""
"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
"<manvolnum>5</manvolnum></citerefentry> options."
msgstr ""
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> peut être configuré pour utiliser "
+"<command>sss_ssh_authorizedkeys</command> pour l'authentification "
+"d'utilisateur par clé publique s'il est compilé avec la prise en compte des "
+"options <quote>AuthorizedKeysCommand</quote> ou <quote>PubkeyAgent</quote> "
+"de <citerefentry><refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_authorizedkeys.1.xml:58
#, no-wrap
msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
-msgstr ""
+msgstr "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:51
@@ -8530,12 +9599,18 @@ msgid ""
"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"Si <quote>AuthorizedKeysCommand</quote> est pris en charge, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> peut être configuré pour l'utiliser en mettant la directive "
+"suivante dans <citerefentry><refentrytitle>sshd_config</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry>&nbsp;: <placeholder type="
+"\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_authorizedkeys.1.xml:69
#, no-wrap
msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
-msgstr ""
+msgstr "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:62
@@ -8547,22 +9622,30 @@ msgid ""
"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting"
"\" id=\"0\"/>"
msgstr ""
+"Si <quote>PubkeyAgent</quote> est pris en charge, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> peut être configuré pour l'utiliser en utilisant la directive "
+"suivante de la configuration de <citerefentry><refentrytitle>sshd</"
+"refentrytitle> <manvolnum>8</manvolnum></citerefentry>&nbsp;: <placeholder "
+"type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_authorizedkeys.1.xml:84
msgid ""
"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
msgstr ""
+"Rechercher des clés publiques dans le domaine SSSD <replaceable>DOMAIN</"
+"replaceable>."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
msgid "sss_ssh_knownhostsproxy"
-msgstr ""
+msgstr "sss_ssh_knownhostsproxy"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sss_ssh_knownhostsproxy.1.xml:16
msgid "get OpenSSH host keys"
-msgstr ""
+msgstr "obtenir les clés d'hôtes OpenSSH"
#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
#: sss_ssh_knownhostsproxy.1.xml:21
@@ -8572,6 +9655,10 @@ msgid ""
"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
msgstr ""
+"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
+"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:33
@@ -8583,6 +9670,13 @@ msgid ""
"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/"
"pubconf/known_hosts</filename> and estabilishes connection to the host."
msgstr ""
+"<command>sss_ssh_knownhostsproxy</command> récupère les clés publiques pour "
+"le système <replaceable>HOST</replaceable>, les stocke dans un fichier "
+"OpenSSH known_hosts spécifique (cf. la section <quote>FORMAT DU FICHIER "
+"SSH_KNOWN_HOSTS</quote> de <citerefentry><refentrytitle>sshd</refentrytitle> "
+"<manvolnum>8</manvolnum></citerefentry> pour plus d'informations) "
+"<filename>/var/lib/sss/pubconf/known_hosts</filename> puis établit la "
+"connexion vers le système."
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:43
@@ -8590,6 +9684,9 @@ msgid ""
"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to "
"create the connection to the host instead of opening a socket."
msgstr ""
+"Si <replaceable>PROXY_COMMAND</replaceable> est indiqué, elle est alors "
+"utilisée pour établier la connexion vers le système au lieu d'ouvrir une "
+"socket."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_knownhostsproxy.1.xml:55
@@ -8598,6 +9695,8 @@ msgid ""
"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
msgstr ""
+"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
+"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_knownhostsproxy.1.xml:48
@@ -8608,12 +9707,19 @@ msgid ""
"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry> peut être configuré pour utiliser "
+"<command>sss_ssh_knownhostsproxy</command> pour l'authentication par clés en "
+"utilisant les directives suivantes pour la configuration de "
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry>&nbsp;: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_ssh_knownhostsproxy.1.xml:66
msgid ""
"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
msgstr ""
+"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_knownhostsproxy.1.xml:71
@@ -8629,11 +9735,13 @@ msgstr ""
msgid ""
"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
msgstr ""
+"Rechercher les clés publiques dans le domaine SSSD <replaceable>DOMAINE</"
+"replaceable> hôte."
#. type: Content of: <refsect1><title>
#: include/service_discovery.xml:2
msgid "SERVICE DISCOVERY"
-msgstr "RECHERCHE DE SERVICE"
+msgstr "DÉCOUVERTE DE SERVICE"
#. type: Content of: <refsect1><para>
#: include/service_discovery.xml:4
@@ -8642,6 +9750,10 @@ msgid ""
"appropriate servers to connect to using a special DNS query. This feature is "
"not supported for backup servers."
msgstr ""
+"La fonctionnalité de découverte de services permet aux moteurs de trouver "
+"automatiquement les serveurs appropriés auxquels se connecter à l'aide d'une "
+"requête DNS spéciale. Cette fonctionnalité n'est pas pris en charge pour sur "
+"les serveurs secondaires."
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:57
@@ -8659,6 +9771,14 @@ msgid ""
"prefers to use service discovery whenever possible, and fall back to a "
"specific server when no servers can be discovered using DNS."
msgstr ""
+"Si aucun serveur n'est spécifié, le moteur utilise automatiquement la "
+"découverte de services pour tenter de trouver un serveur. L'utilisateur peut "
+"aussi choisir d'utiliser des adresses de serveur et de découverte de "
+"services fixes en insérant un mot-clé spécial, <quote>_srv_</quote>, dans la "
+"liste des serveurs. L'ordre de préférence est maintenu. Cette fonctionnalité "
+"est utile si, par exemple, l'utilisateur préfère utiliser la découverte de "
+"services chaque fois que possible et se replier vers un serveur spécifique "
+"lorsqu'aucun serveur ne peut être découvert à l'aide du DNS."
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:23
@@ -8672,6 +9792,9 @@ msgid ""
"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
"manvolnum> </citerefentry> manual page for more details."
msgstr ""
+"Veuillez vous reporter au paramètre <quote>dns_discovery_domain</quote> dans "
+"la page de manuel <citerefentry><refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> pour plus de détails."
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:35
@@ -8684,6 +9807,8 @@ msgid ""
"The queries usually specify _tcp as the protocol. Exceptions are documented "
"in respective option description."
msgstr ""
+"Les requêtes spécifient généralement _tcp comme protocole. Les exceptions "
+"sont documentées dans les descriptions respectives des options."
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:42
@@ -8695,6 +9820,8 @@ msgstr "Voir aussi"
msgid ""
"For more information on the service discovery mechanism, refer to RFC 2782."
msgstr ""
+"Pour plus d'informations sur le mécanisme de découverte de services, se "
+"reporter à la RFC 2782."
#. type: Content of: outside any tag (error?)
#: include/upstream.xml:1
@@ -8712,6 +9839,8 @@ msgid ""
"The failover feature allows back ends to automatically switch to a different "
"server if the current server fails."
msgstr ""
+"La fonctionnalité de basculement autorise le moteur à basculer "
+"automatiquement sur un serveur différent si le serveur actuel est défaillant."
#. type: Content of: <refsect1><refsect2><title>
#: include/failover.xml:8
@@ -8725,18 +9854,39 @@ msgid ""
"is allowed around the comma. The servers are listed in order of preference. "
"The list can contain any number of servers."
msgstr ""
+"La liste des serveurs est donnée sous forme de liste séparée par des "
+"virgules ; un nombre quelconque d'espaces est autorisé autour de la virgule. "
+"Les serveurs sont répertoriés par ordre de préférence. La liste peut "
+"contenir un nombre quelconque de serveurs."
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:16
+#, fuzzy
+#| msgid ""
+#| "For each failover-enabled config option, two variants exist: "
+#| "<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea "
+#| "is that servers in the primary list are preferred and backup servers are "
+#| "only searched if no primary servers can be reached. If a backup server is "
+#| "selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+#| "periodically try to reconnect to one of the primary servers. If it "
+#| "succeeds, it will replace the current active (backup) server."
msgid ""
"For each failover-enabled config option, two variants exist: "
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
+"Pour chaque option de configuration alors que le basculement est activé, il "
+"existe deux variantes : <emphasis>primary</emphasis> et <emphasis>backup</"
+"emphasis>. L'idée est que les serveurs dans la liste principale sont "
+"préférés et les serveurs de secours sont interrogés uniquement si aucun "
+"serveur primaire ne peut être atteint. Si un serveur de secours est "
+"sélectionné, un délai d'attente de 30 secondes est défini. Après ce délai "
+"d'attente, SSSD tentera périodiquement de se reconnecter à un des serveurs "
+"primaires. S'il réussit, il remplacera l'actuel serveur (de secours) actif."
#. type: Content of: <refsect1><refsect2><title>
#: include/failover.xml:27
@@ -8756,6 +9906,17 @@ msgid ""
"switches over to the next service. The machine is still considered online "
"and might still be tried for another service."
msgstr ""
+"Le mécanisme de basculement fait la distinction entre une machine et d'un "
+"service. Le moteur tente d'abord de résoudre le nom d'hôte d'un ordinateur "
+"donné ; en cas d'échec de cette tentative de résolution, la machine est "
+"considérée comme hors ligne. Aucune autre tentative n'est faite pour se "
+"connecter à cette machine pour tout autre service. Si la tentative de "
+"résolution réussit, le serveur principal tente de se connecter à un service "
+"sur cette machine. Si la tentative de connexion de service échoue, alors ce "
+"seul service est considéré comme hors ligne et le moteur passe "
+"automatiquement au service suivant. La machine est toujours considérée en "
+"ligne et peut toujours être considérée pour une tentative d'accès à un autre "
+"service."
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:42
@@ -8764,6 +9925,9 @@ msgid ""
"offline after a specified period of time; this is currently hard coded to 30 "
"seconds."
msgstr ""
+"Les tentatives de connexion ultérieures sont faites vers des machines ou des "
+"services marqués comme hors connexion après un délai spécifié ; ce délai est "
+"actuellement spécifié en dur à 30 secondes."
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:47
@@ -8771,11 +9935,14 @@ msgid ""
"If there are no more machines to try, the back end as a whole switches to "
"offline mode, and then attempts to reconnect every 30 seconds."
msgstr ""
+"S'il n'y a plus aucune machine à essayer, le moteur dans son ensemble "
+"bascule dans le mode hors connexion et tente ensuite de se reconnecter "
+"toutes les 30 secondes."
#. type: Content of: <refsect1><title>
#: include/ldap_id_mapping.xml:2
msgid "ID MAPPING"
-msgstr ""
+msgstr "CORRESPONDANCE D'IDENTIFIANTS"
#. type: Content of: <refsect1><para>
#: include/ldap_id_mapping.xml:4
@@ -8784,6 +9951,10 @@ msgid ""
"without requiring administrators to extend user attributes to support POSIX "
"attributes for user and group identifiers."
msgstr ""
+"La fonctionnalité de correspondance d'ID permet à SSSD d'agir comme un "
+"client de Active Directory sans demander aux administrateurs d'étendre les "
+"attributs utilisateur pour prendre en charge les attributs POSIX pour les "
+"identifiants d'utilisateur et de groupe."
#. type: Content of: <refsect1><para>
#: include/ldap_id_mapping.xml:9
@@ -8793,11 +9964,16 @@ msgid ""
"assigned and manually-assigned values. If you need to use manually-assigned "
"values, ALL values must be manually-assigned."
msgstr ""
+"Remarque : Lorsque la mise en correspondance des ID est activée, les "
+"attributs uidNumber et gidNumber sont ignorés. Ceci afin d'éviter les "
+"risques de conflit entre les valeurs attribuées automatiquement et assignées "
+"manuellement. Si vous avez besoin d'utiliser des valeurs attribuées "
+"manuellement, TOUTES les valeurs doivent être assignées manuellement."
#. type: Content of: <refsect1><refsect2><title>
#: include/ldap_id_mapping.xml:17
msgid "Mapping Algorithm"
-msgstr ""
+msgstr "Algorithme de correspondance"
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:19
@@ -8807,6 +9983,10 @@ msgid ""
"represent the Active Directory domain identity and the relative identifier "
"(RID) of the user or group object."
msgstr ""
+"Active Directory fournit un objectSID pour chaque objet d'utilisateur et de "
+"groupe dans l'annuaire. Cet objectSID peut être divisé en composants qui "
+"représentent l'identité de domaine Active Directory et l'identificateur "
+"relatif (RID) de l'objet utilisateur ou groupe."
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:25
@@ -8815,6 +9995,10 @@ msgid ""
"into equally-sized component sections - called \"slices\"-. Each slice "
"represents the space available to an Active Directory domain."
msgstr ""
+"L'algorithme de mise en correspondance des ID de SSSD tient un éventail "
+"d'uid disponibles et le divise en sections de même taille, appelées « "
+"tranches ». Chaque tranche représente l'espace disponible dans un domaine "
+"Active Directory."
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:31
@@ -8824,6 +10008,11 @@ msgid ""
"In order to make this slice-assignment repeatable on different client "
"machines, we select the slice based on the following algorithm:"
msgstr ""
+"Lorsqu'une entrée d'utilisateur ou de groupe pour un domaine particulier est "
+"rencontrée pour la première fois, SSSD alloue une des plages disponibles "
+"pour ce domaine. Afin de rendre cette affectation de plage reproductible sur "
+"les ordinateurs clients différents, l'algorithme de sélection de plage "
+"suivant est utilisé :"
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:38
@@ -8832,6 +10021,10 @@ msgid ""
"a 32-bit hashed value. We then take the modulus of this value with the total "
"number of available slices to pick the slice."
msgstr ""
+"La chaîne du SID est passée par l'intermédiaire de l'algorithme murmurhash3 "
+"pour le convertir en une valeur de hachage de 32 bits. Nous prenons ensuite "
+"le modulo de cette valeur avec le nombre total des tranches disponibles pour "
+"prendre la tranche."
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:44
@@ -8845,12 +10038,23 @@ msgid ""
"configure a default domain to guarantee that at least one is always "
"consistent. See <quote>Configuration</quote> for details."
msgstr ""
+"Remarque : Il est possible de rencontrer les collisions dans le hachage et "
+"le modulo en découlant. Dans ces situations, la tranche suivante disponible "
+"sera sélectionnée, mais il n'est pas possible de reproduire le même jeu "
+"exact des tranches sur d'autres machines (puisque l'ordre dans lequel elles "
+"sont rencontrées déterminera leur tranche). Dans ce cas, il est recommandé "
+"de passer à l'utilisation des attributs POSIX explicites dans Active "
+"Directory (en désactivant la correspondance d'ID) ou configurer un domaine "
+"par défaut afin de garantir qu'au moins un est toujours cohérent. Pour plus "
+"d'informations, voir <quote>Configuration</quote>."
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:59
msgid ""
"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
msgstr ""
+"Configuration minimale (dans la section <quote>[domain/DOMAINNAME]</"
+"quote>) :"
#. type: Content of: <refsect1><refsect2><para><programlisting>
#: include/ldap_id_mapping.xml:64
@@ -8859,6 +10063,8 @@ msgid ""
"ldap_id_mapping = True\n"
"ldap_schema = ad\n"
msgstr ""
+"ldap_id_mapping = True\n"
+"ldap_schema = ad\n"
#. type: Content of: <refsect1><refsect2><para>
#: include/ldap_id_mapping.xml:69
@@ -8867,16 +10073,19 @@ msgid ""
"of holding up to 200,000 IDs, starting from 10,001 and going up to "
"2,000,100,000. This should be sufficient for most deployments."
msgstr ""
+"La configuration par défaut active 10 000 tranches, chacune pouvant contenir "
+"jusqu'à 200 000 identifiants, démarrant à 10 001 et allant jusqu'à "
+"2 000 100 000. Cela devrait être suffisant pour la plupart des déploiements."
#. type: Content of: <refsect1><refsect2><refsect3><title>
#: include/ldap_id_mapping.xml:75
msgid "Advanced Configuration"
-msgstr ""
+msgstr "Configuration avancée"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:78
msgid "ldap_idmap_range_min (integer)"
-msgstr ""
+msgstr "ldap_idmap_range_min (integer)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:81
@@ -8884,6 +10093,8 @@ msgid ""
"Specifies the lower bound of the range of POSIX IDs to use for mapping "
"Active Directory user and group SIDs."
msgstr ""
+"Spécifie la limite inférieure de la plage d'ID POSIX à utiliser pour la mise "
+"en correspondance d'identifiants utilisateurs et groupes Active Directory."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:85
@@ -8894,6 +10105,12 @@ msgid ""
"distinction, but the good general advice would be to have <quote>min_id</"
"quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>"
msgstr ""
+"NOTE : Cette option est différente de <quote>min_id</quote> en ce sens que "
+"<quote>min_id</quote> agit comme filtre sur le résultat des requêtes vers ce "
+"domaine, alors que cette option contrôle les plages de correspondance d'ID. "
+"Il s'agit d'une distinction subtile, mais les bonnes pratiques conseillent "
+"d'avoir <quote>min_id</quote> inférieur ou égal à "
+"<quote>ldap_idmap_range_min</quote>"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:95 include/ldap_id_mapping.xml:131
@@ -8903,7 +10120,7 @@ msgstr "Par défaut : 200000"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:100
msgid "ldap_idmap_range_max (integer)"
-msgstr ""
+msgstr "ldap_idmap_range_max (integer)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:103
@@ -8911,6 +10128,8 @@ msgid ""
"Specifies the upper bound of the range of POSIX IDs to use for mapping "
"Active Directory user and group SIDs."
msgstr ""
+"Spécifie la limite supérieure de la plage d'ID POSIX à utiliser pour la mise "
+"en correspondance d'identifiants utilisateurs et groupes Active Directory."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:107
@@ -8921,16 +10140,22 @@ msgid ""
"distinction, but the good general advice would be to have <quote>max_id</"
"quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>"
msgstr ""
+"NOTE : Cette option est différente de <quote>max_id</quote> en ce sens que "
+"<quote>max_id</quote> agit comme filtre sur le résultat des requêtes vers ce "
+"domaine, alors que cette option contrôle les plages de correspondance d'ID. "
+"Il s'agit d'une distinction subtile, mais les bonnes pratiques conseillent "
+"d'avoir <quote>max_id</quote> supérieur ou égal à "
+"<quote>ldap_idmap_range_max</quote>"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:117
msgid "Default: 2000200000"
-msgstr ""
+msgstr "Par défaut : 2000200000"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:122
msgid "ldap_idmap_range_size (integer)"
-msgstr ""
+msgstr "ldap_idmap_range_size (integer)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:125
@@ -8939,6 +10164,9 @@ msgid ""
"does not divide evenly into the min and max values, it will create as many "
"complete slices as it can."
msgstr ""
+"Spécifie le nombre d'identifiants pour chaque tranche. Si la taille de la "
+"plage ne divise pas uniformément dans les valeurs minimale et maximale, des "
+"tranches complètes seront créées autant que possible."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:136
@@ -8952,6 +10180,9 @@ msgid ""
"domain will always be assigned to slice zero in the ID map, bypassing the "
"murmurhash algorithm described above."
msgstr ""
+"Spécifier le SID de domaine du domaine par défaut. Cela garantira que ce "
+"domaine est toujours affecté à la tranche zéro dans la carte d'ID, sans "
+"passer par l'algorithme murmurhash décrit ci-dessus."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:150
@@ -8966,7 +10197,7 @@ msgstr "Spécifier le nom de domaine par défaut."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:161
msgid "ldap_idmap_autorid_compat (boolean)"
-msgstr ""
+msgstr "ldap_idmap_autorid_compat (boolean)"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:164
@@ -8974,6 +10205,9 @@ msgid ""
"Changes the behavior of the ID-mapping algorithm to behave more similarly to "
"winbind's <quote>idmap_autorid</quote> algorithm."
msgstr ""
+"Modifie le comportement de l'algorithme de mise en correspondance des ID "
+"afin qu'il se comporte de manière identique à celui <quote>idmap_autorid</"
+"quote> de winbind."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:169
@@ -8981,6 +10215,9 @@ msgid ""
"When this option is configured, domains will be allocated starting with "
"slice zero and increasing monatomically with each additional domain."
msgstr ""
+"Lorsque cette option est configurée, les domaines seront alloués en "
+"commençant par la tranche zéro et augmentant de manière monotone pour chaque "
+"domaine supplémentaire."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:174
@@ -8991,11 +10228,17 @@ msgid ""
"<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at "
"least one domain is consistently allocated to slice zero."
msgstr ""
+"Remarque : Cet algorithme n'est pas déterministe (il dépend de l'ordre dans "
+"lequel utilisateurs et groupes sont invités). Si ce mode est nécessaire pour "
+"assurer la compatibilité avec les ordinateurs qui utilisent winbind, il est "
+"recommandé d'utiliser également l'option "
+"<quote>ldap_idmap_default_domain_sid</quote> pour garantir qu'au moins un "
+"domaine est systématiquement alloué à la tranche zéro."
#. type: Content of: <varlistentry><term>
#: include/param_help.xml:3
msgid "<option>-?</option>,<option>--help</option>"
-msgstr ""
+msgstr "<option>-?</option>,<option>--help</option>"
#. type: Content of: <varlistentry><listitem><para>
#: include/param_help.xml:7 include/param_help_py.xml:7
@@ -9014,11 +10257,15 @@ msgid ""
"default value as well as the lowest allowed value, 0xFFF0 is the most "
"verbose mode. This setting overrides the settings from config file."
msgstr ""
+"Un masque de bits qui indique quels niveaux de débogage seront visibles. 0 x "
+"0010 est la valeur par défaut ainsi que la plus basse autorisée, 0xFFF0 est "
+"le mode le plus détaillé. Ce paramètre prend le pas sur les paramètres du "
+"fichier de configuration."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:8
msgid "Currently supported debug levels:"
-msgstr ""
+msgstr "Niveaux de débogage actuellement pris en charge :"
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:11
@@ -9026,6 +10273,8 @@ msgid ""
"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent "
"SSSD from starting up or causes it to cease running."
msgstr ""
+"<emphasis>0x0010</emphasis>&nbsp;: défaillances fatales. Tout ce qui "
+"empêcherait SSSD de démarrer ou provoquerait son arrêt."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:15
@@ -9034,6 +10283,9 @@ msgid ""
"the SSSD, but one that indicates that at least one major feature is not "
"going to work properly."
msgstr ""
+"<emphasis>0x0020</emphasis>&nbsp;: échecs critiques. Une erreur qui ne tue "
+"pas SSSD, mais qui indique qu'au moins une caractéristique majeure ne pourra "
+"pas fonctionner correctement."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:20
@@ -9041,6 +10293,8 @@ msgid ""
"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a "
"particular request or operation has failed."
msgstr ""
+"<emphasis>0x0040</emphasis>&nbsp;: défaillances graves. Une erreur qui "
+"annonce qu'une requête particulière ou une opération a échoué."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:24
@@ -9048,27 +10302,32 @@ msgid ""
"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would "
"percolate down to cause the operation failure of 2."
msgstr ""
+"<emphasis>0x0080</emphasis>&nbsp;: erreurs mineures. Ce sont les erreurs qui "
+"seraient susceptibles d'empirer pour provoquer l'erreur en 2."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:28
msgid "<emphasis>0x0100</emphasis>: Configuration settings."
-msgstr ""
+msgstr "<emphasis>0x0100</emphasis>&nbsp;: paramètres de configuration."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:31
msgid "<emphasis>0x0200</emphasis>: Function data."
-msgstr ""
+msgstr "<emphasis>0x0200</emphasis>&nbsp;: données de fonctionnement."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:34
msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions."
msgstr ""
+"<emphasis>0x0400</emphasis>&nbsp;: traçage des fonctions opérationnelles."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:37
msgid ""
"<emphasis>0x1000</emphasis>: Trace messages for internal control functions."
msgstr ""
+"<emphasis>0x1000</emphasis>&nbsp;: traçage des fonctions de contrôles "
+"internes."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:40
@@ -9076,11 +10335,14 @@ msgid ""
"<emphasis>0x2000</emphasis>: Contents of function-internal variables that "
"may be interesting."
msgstr ""
+"<emphasis>0x2000</emphasis>&nbsp;: contenu des variables internes de "
+"fonctions pouvent être intéressantes."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:43
msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information."
msgstr ""
+"<emphasis>0x4000</emphasis>&nbsp;: informations de traçage de bas niveau."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:46
@@ -9088,6 +10350,8 @@ msgid ""
"To log required debug levels, simply add their numbers together as shown in "
"following examples:"
msgstr ""
+"Pour activer les niveaux de débogage requis, il suffit de faire la somme de "
+"l'ensemble des numéros tel qu'illustré dans les exemples suivants&nbsp;:"
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:49
@@ -9095,6 +10359,8 @@ msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
"serious failures and function data use 0x0270."
msgstr ""
+"<emphasis>Exemple</emphasis>&nbsp;: pour suivre erreurs fatales, critiques, "
+"graves et les données de fonction, utiliser 0x0270."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:53
@@ -9102,6 +10368,9 @@ msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
"function data, trace messages for internal control functions use 0x1310."
msgstr ""
+"<emphasis>Exemple</emphasis>&nbsp;: pour consigner les erreurs fatales, les "
+"paramètres de configuration, les données de fonction, les messages de trace "
+"pour les fonctions de contrôle interne, utiliser 0x1310."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:57
@@ -9109,6 +10378,9 @@ msgid ""
"<emphasis>Note</emphasis>: This is new format of debug levels introduced in "
"1.7.0. Older format (numbers from 0-10) is compatible but deprecated."
msgstr ""
+"<emphasis>Note</emphasis>&nbsp:: il s'agit d'un nouveau format des niveaux "
+"de débogage introduit dans la version 1.7.0. L'ancien format (nombres de 0 "
+"à 10) est compatible mais déconseillé et voué à disparaître."
#. type: Content of: outside any tag (error?)
#: include/experimental.xml:1
@@ -9116,11 +10388,13 @@ msgid ""
"<emphasis> This is an experimental feature, please use http://fedorahosted."
"org/sssd to report any issues. </emphasis>"
msgstr ""
+"<emphasis>Il s'agit d'une fonctionnalité expérimentale, utiliser http://"
+"fedorahosted.org/sssd pour signaler les problèmes.</emphasis>"
#. type: Content of: <refsect1><title>
#: include/local.xml:2
msgid "THE LOCAL DOMAIN"
-msgstr ""
+msgstr "LE DOMAINE LOCAL"
#. type: Content of: <refsect1><para>
#: include/local.xml:4
@@ -9128,6 +10402,8 @@ msgid ""
"In order to function correctly, a domain with <quote>id_provider=local</"
"quote> must be created and the SSSD must be running."
msgstr ""
+"Pour fonctionner correctement, un domaine avec <quote>id_provider = local</"
+"quote> doit être créé et SSSD doit s'exécuter."
#. type: Content of: <refsect1><para>
#: include/local.xml:9
@@ -9140,6 +10416,14 @@ msgid ""
"<command>sss_user*</command> and <command>sss_group*</command> tools use a "
"local LDB storage to store users and groups."
msgstr ""
+"L'administrateur peut vouloir utiliser les utilisateurs locaux SSSD au lieu "
+"des utilisateurs UNIX traditionnels dans les cas où l'imbrication de groupes "
+"(cf. <citerefentry><refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</"
+"manvolnum></citerefentry>) est nécessaire. Les utilisateurs locaux sont "
+"également utiles pour les tests et le développement de SSSD sans avoir à "
+"déployer un serveur distant complet. Les outils <command>sss_user *</"
+"command> et <command>sss_group *</command> utilisent alors un stockage local "
+"de type LDB pour les utilisateurs et les groupes."
#. type: Content of: <refsect1><title>
#: include/seealso.xml:2
@@ -9148,6 +10432,45 @@ msgstr "VOIR AUSSI"
#. type: Content of: <refsect1><para>
#: include/seealso.xml:4
+#, fuzzy
+#| msgid ""
+#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> "
+#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> "
+#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+#| "manvolnum> </citerefentry>, </phrase> <citerefentry> "
+#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>."
msgid ""
"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
@@ -9182,10 +10505,46 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
+"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:3
@@ -9194,19 +10553,21 @@ msgid ""
"An optional base DN, search scope and LDAP filter to restrict LDAP searches "
"for this attribute type."
msgstr ""
+"Un DN de base facultatif, une étendue de recherche et un filtre LDAP afin de "
+"restreindre les recherches LDAP pour ce type d'attribut."
#. type: Content of: <listitem><para><programlisting>
#: include/ldap_search_bases.xml:9
#: include/ldap_search_bases_experimental.xml:9
#, no-wrap
msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
-msgstr ""
+msgstr "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:7
#: include/ldap_search_bases_experimental.xml:7
msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
-msgstr ""
+msgstr "syntaxe : <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:13
@@ -9216,6 +10577,9 @@ msgid ""
"must be a valid LDAP search filter as specified by http://www.ietf.org/rfc/"
"rfc2254.txt"
msgstr ""
+"La portée peut être « base », un « onelevel » ou « subtree ». Le filtre doit "
+"être un filtre de recherche LDAP valide tel que spécifié par http://www.ietf."
+"org/rfc/rfc2254.txt"
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:19
@@ -9224,6 +10588,8 @@ msgid ""
"For examples of this syntax, please refer to the <quote>ldap_search_base</"
"quote> examples section."
msgstr ""
+"Pour obtenir des exemples de cette syntaxe, reportez-vous à la section "
+"d'exemples <quote>ldap_search_base</quote>."
#. type: Content of: <listitem><para>
#: include/ldap_search_bases.xml:27
@@ -9233,6 +10599,10 @@ msgid ""
"against an Active Directory Server that might yield a large number of "
"results and trigger the Range Retrieval extension in the response."
msgstr ""
+"Noter que la spécification de portée ou de filtre n'est pas prise en charge "
+"pour les recherches sur un serveur Active Directory qui serait susceptible "
+"de produire un grand nombre de résultats et de déclencher l'extension Range "
+"Retrieval dans sa réponse."
#. type: Content of: <para>
#: include/autofs_restart.xml:2
@@ -9241,3 +10611,17 @@ msgid ""
"any autofs-related changes are made to the sssd.conf, you typically also "
"need to restart the automounter daemon after restarting the SSSD."
msgstr ""
+"Veuillez noter que l'automounter ne lit que la carte maîtresse au démarrage. "
+"Ainsi, si des modifications liées à autofs sont apportées à sssd.conf, vous "
+"devrez généralement redémarrer le démon automounter après le redémarrage de "
+"SSSD"
+
+#~ msgid ""
+#~ "If true then SSSD will download every rule that contains a regular "
+#~ "expression in sudoHost attribute."
+#~ msgstr ""
+#~ "Si positionnée à true, SSSD téléchargera toutes les règles qui contient "
+#~ "une expression rationnelle dans l'attribut sudoHost."
+
+#~ msgid "regular expression"
+#~ msgstr "expression rationnelle"
diff --git a/src/man/po/ja.po b/src/man/po/ja.po
index 190bd1805..c5de08caa 100644
--- a/src/man/po/ja.po
+++ b/src/man/po/ja.po
@@ -10,9 +10,9 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
-"PO-Revision-Date: 2012-10-05 17:53+0000\n"
-"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
+"PO-Revision-Date: 2012-11-26 09:44+0000\n"
+"Last-Translator: Tomoyuki KATO <tomo@dream.daynight.jp>\n"
"Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n"
"Language: ja\n"
"MIME-Version: 1.0\n"
@@ -149,7 +149,7 @@ msgstr "ファイル形式および変換"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr "SSSD の設定ファイル"
@@ -230,7 +230,7 @@ msgid "The [sssd] section"
msgstr "[sssd] セクション"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr "セクションのパラメーター"
@@ -273,12 +273,12 @@ msgstr ""
"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -287,7 +287,7 @@ msgstr ""
"める前に試行する回数です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "初期値: 3"
@@ -309,7 +309,7 @@ msgstr ""
"始できません。このパラメーターは検索したいドメインの一覧を表されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr "re_expression (文字列)"
@@ -329,7 +329,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (文字列)"
@@ -429,32 +429,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr "初期値: 60"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -464,15 +443,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -495,12 +474,12 @@ msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr "サービスセクション"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -512,80 +491,81 @@ msgstr ""
"ば、NSS サービスは <quote>[nss]</quote> セクションです"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr "サービス設定の全体オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr "これらのオプションはすべてのサービスを設定するために使用できます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr "debug_level (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr "デバッグメッセージに日時を追加します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr "初期値: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr "デバッグメッセージの日時にマイクロ秒を追加します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr "初期値: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr "timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr "初期値: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -595,17 +575,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -615,6 +595,27 @@ msgstr ""
"ファイル記述子に保持できる秒数を指定します。この値はシステムのリソース枯渇を"
"避けるために制限されます。"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr "初期値: 60"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -712,8 +713,8 @@ msgstr ""
"り、存在しないドメインのように、無効なデータベースエントリーに対する問い合わ"
"せ)をキャッシュする秒数を指定します。"
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr "初期値: 15"
@@ -798,13 +799,23 @@ msgstr "%f"
msgid "fully qualified user name (user@domain)"
msgstr "完全修飾ユーザー名 (user@domain)"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr "%%"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr "文字 '%'"
@@ -820,12 +831,12 @@ msgstr ""
"type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr "このオプションはドメインごとに設定できます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -835,22 +846,22 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -859,7 +870,7 @@ msgstr ""
"ホームディレクトリーの標準テンプレートを設定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -867,17 +878,17 @@ msgstr ""
"同じです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr "override_shell (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
@@ -886,17 +897,17 @@ msgstr ""
"において全体的またはドメインごとに指定できます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr "allowed_shells (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -904,13 +915,13 @@ msgstr ""
"す:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -919,7 +930,7 @@ msgstr ""
"ば、shell_fallback パラメーターの値を使用します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -928,12 +939,12 @@ msgstr ""
"ば、nologin シェルが使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr "シェルの空文字列は libc にそのまま渡されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -943,27 +954,27 @@ msgstr ""
"ます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr "shell_fallback (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -971,65 +982,66 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr "初期値: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "初期値: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr "PAM 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1038,12 +1050,12 @@ msgstr ""
"ために使用できます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1052,17 +1064,17 @@ msgstr ""
"ラインログインの最終成功からの日数)です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr "初期値: 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1070,12 +1082,12 @@ msgstr ""
"認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1084,7 +1096,7 @@ msgstr ""
"渡される分単位の時間です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1095,17 +1107,17 @@ msgstr ""
"効にできます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr "初期値: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1114,42 +1126,42 @@ msgstr ""
"きいほどメッセージが表示されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr "現在 sssd は以下の値をサポートします:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr "初期値: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1159,7 +1171,7 @@ msgstr ""
"されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1172,17 +1184,17 @@ msgstr ""
"アプリケーションごとに)制御します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr "パスワードの期限が切れる前に N 日間警告を表示します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1192,41 +1204,41 @@ msgstr ""
"ことに注意してください。この情報がなければ、sssd は警告を表示します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr "初期値: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr "SUDO 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr "これらのオプションは sudo サービスを設定するために使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr "sudo_timed (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1235,22 +1247,22 @@ msgstr ""
"を評価するかしないかです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr "Autofs 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr "これらのオプションが autofs サービスを設定するために使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1260,52 +1272,52 @@ msgstr ""
"効なマップエントリーに対する問い合わせ)が再びバックエンドに問い合わせる前に"
"ヒットする秒数を指定します。"
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr "初期値: 180"
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr "SSH 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr "これらのオプションは SSH サービスを設定するために使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr "初期値: 180"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1317,7 +1329,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1328,24 +1340,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1353,12 +1365,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1367,17 +1379,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr "ドメインセクション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1386,7 +1398,7 @@ msgstr ""
"トリーを含む場合、それは無視されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1398,17 +1410,17 @@ msgstr ""
"バーに対して、範囲内にあるものは予期されたものとして報告されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "初期値: min_id は 1, max_id は 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr "enumerate (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1417,28 +1429,38 @@ msgstr ""
"必要があります:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = ユーザーとグループが列挙されます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = このドメインに対して列挙しません"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr "初期値: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
+#, fuzzy
+#| msgid ""
+#| "Note: Enabling enumeration has a moderate performance impact on SSSD "
+#| "while enumeration is running. It may take up to several minutes after "
+#| "SSSD startup to fully complete enumerations. During this time, "
+#| "individual requests for information will go directly to LDAP, though it "
+#| "may be slow, due to the heavy enumeration processing."
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
"注: 列挙を有効にすることにより、列挙の実行中に SSSD にわずかな性能の影響があ"
"ります。列挙を完全に完了するには SSSD が開始後に数分間時間がかかります。この"
@@ -1446,7 +1468,7 @@ msgstr ""
"は遅いかもしれません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1455,7 +1477,7 @@ msgstr ""
"れが完了するまで結果を返しません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1467,13 +1489,20 @@ msgstr ""
"があります。詳細は使用している具体的な id_provider のマニュアルページを参照し"
"てください。"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1482,17 +1511,17 @@ msgstr ""
"数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr "初期値: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1501,18 +1530,18 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr "初期値: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1521,12 +1550,12 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1535,12 +1564,12 @@ msgstr ""
"有効であると考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1549,54 +1578,54 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr "cache_credentials (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか"
"を決めます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1608,17 +1637,17 @@ msgstr ""
"offline_credentials_expiration と同等以上でなければいけません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr "初期値: 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1627,17 +1656,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "初期値: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr "id_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -1645,17 +1674,19 @@ msgstr ""
"ダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+#, fuzzy
+#| msgid "proxy: Support a legacy NSS provider"
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "proxy: レガシーな NSS プロバイダーのサポート"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1666,8 +1697,8 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1680,8 +1711,8 @@ msgstr ""
"い。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1692,12 +1723,12 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -1706,7 +1737,7 @@ msgstr ""
"名形式により整形されたように) を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1719,12 +1750,32 @@ msgstr ""
"んが、<command>getent passwd test@LOCAL</command> は見つけられます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+#, fuzzy
+#| msgid "ipa_netgroup_member_user (string)"
+msgid "ignore_group_members (bool)"
+msgstr "ipa_netgroup_member_user (文字列)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr "auth_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1733,7 +1784,7 @@ msgstr ""
"ダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1744,7 +1795,7 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1755,19 +1806,19 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
"<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> は明示的に認証を無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1776,12 +1827,12 @@ msgstr ""
"ならば、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr "access_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1792,7 +1843,7 @@ msgstr ""
"えます)。内部の特別プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -1801,12 +1852,12 @@ msgstr ""
"ロバイダーのみアクセスが許可されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> は常にアクセスを拒否します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1819,17 +1870,17 @@ msgstr ""
"citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr "初期値: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr "chpass_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1838,7 +1889,7 @@ msgstr ""
"パスワード変更プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1849,7 +1900,7 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1860,7 +1911,7 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -1868,12 +1919,12 @@ msgstr ""
"します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1882,19 +1933,19 @@ msgstr ""
"うことができるならば、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr "sudo_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー"
"は次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1905,23 +1956,24 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote> は SUDO を明示的に無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"初期値: <quote>id_provider</quote> の値が設定されていると使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1929,7 +1981,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1937,31 +1989,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
+#, fuzzy
+#| msgid ""
+#| "The provider which should handle change password operations for the "
+#| "domain. Supported change password providers are:"
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
+"ドメインに対するパスワード変更操作を取り扱うプロバイダーです。サポートされる"
+"パスワード変更プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1969,22 +2027,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr "初期値: none"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr "autofs_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -1992,7 +2045,7 @@ msgstr ""
"プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2000,7 +2053,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2008,17 +2061,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> は明示的に autofs を無効にします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr "hostid_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2027,7 +2080,7 @@ msgstr ""
"hostid プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2035,19 +2088,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> は明示的に hostid を無効にします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2056,29 +2109,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
-msgstr ""
+msgstr "username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
-msgstr ""
+msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
-msgstr ""
+msgstr "domain\\username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2089,7 +2142,7 @@ msgstr ""
"everything after that\" に解釈されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2097,7 +2150,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2106,7 +2159,7 @@ msgstr ""
"Python 構文 (?P&lt;name&gt;) のみをサポートします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -2114,17 +2167,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "初期値: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2133,46 +2186,46 @@ msgstr ""
"します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr "サポートする値:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr "初期値: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2183,12 +2236,12 @@ msgstr ""
"ドにて操作を継続します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2197,27 +2250,27 @@ msgstr ""
"イン部分を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr "初期値: マシンのホスト名のドメイン部分を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr "override_gid (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr "プライマリー GID の値を指定されたもので上書きします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
@@ -2226,17 +2279,17 @@ msgstr ""
"このオプションはローカルプロバイダーにおいてサポートされません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr "初期値: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2245,31 +2298,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
"値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "初期値: <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2280,17 +2333,17 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr "中継するプロキシターゲット PAM です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2299,12 +2352,12 @@ msgstr ""
"をここに追加する必要があります。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2315,7 +2368,7 @@ msgstr ""
"_nss_files_getpwent です。"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2324,12 +2377,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr "ローカルドメインのセクション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2340,27 +2393,27 @@ msgstr ""
"メインに対する設定を含みます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr "default_shell (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr "初期値: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr "base_directory (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2369,17 +2422,17 @@ msgstr ""
"ホームディレクトリーとして使用します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr "初期値: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr "create_homedir (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2388,17 +2441,17 @@ msgstr ""
"す。コマンドラインにおいて上書きできます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr "初期値: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr "remove_homedir (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2407,12 +2460,12 @@ msgstr ""
"す。コマンドラインにおいて上書きできます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr "homedir_umask (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2423,17 +2476,17 @@ msgstr ""
"manvolnum> </citerefentry> により使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr "初期値: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr "skel_dir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2446,17 +2499,17 @@ msgstr ""
"を含む、スケルトンディレクトリーです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr "初期値: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr "mail_dir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2467,17 +2520,17 @@ msgstr ""
"が使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr "初期値: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2488,18 +2541,18 @@ msgstr ""
"せん。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr "初期値: なし、コマンドを実行しません"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr "例"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2553,7 +2606,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2609,7 +2662,7 @@ msgstr ""
"オプションを参照してください。"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr "設定オプション"
@@ -2617,7 +2670,7 @@ msgstr "設定オプション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:60
msgid "ldap_uri, ldap_backup_uri (string)"
-msgstr ""
+msgstr "ldap_uri, ldap_backup_uri (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:63
@@ -2779,22 +2832,22 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:172
msgid "rfc2307"
-msgstr ""
+msgstr "rfc2307"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:177
msgid "rfc2307bis"
-msgstr ""
+msgstr "rfc2307bis"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:182
msgid "IPA"
-msgstr ""
+msgstr "IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
#: sssd-ldap.5.xml:187
msgid "AD"
-msgstr ""
+msgstr "AD"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:193
@@ -3405,8 +3458,8 @@ msgstr "ユーザーの完全名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr "初期値: cn"
@@ -3421,7 +3474,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr "初期値: memberOf"
@@ -3624,14 +3677,14 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr "初期値: 偽"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ldap.5.xml:886
msgid "ldap_initgroups_use_matching_rule_in_chain"
-msgstr ""
+msgstr "ldap_initgroups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:889
@@ -3832,6 +3885,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "初期値: 6"
@@ -3899,7 +3953,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr "初期値: 900 (15 分)"
@@ -4210,25 +4264,52 @@ msgstr "ldap_sasl_authid (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1418
+#, fuzzy
+#| msgid ""
+#| "Specify the SASL authorization id to use. When GSSAPI is used, this "
+#| "represents the Kerberos principal used for authentication to the "
+#| "directory."
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
"使用する SASL 認可 ID を指定します。 GSSAPI が使用されるとき、これが認証のた"
"めに使用される Kerberos プリンシパルをディレクトリーに表現されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr "初期値: host/hostname@REALM"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+#, fuzzy
+#| msgid "ldap_sasl_mech (string)"
+msgid "ldap_sasl_realm (string)"
+msgstr "ldap_sasl_mech (文字列)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
@@ -4237,33 +4318,33 @@ msgstr ""
"するために逆引きを実行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr "初期値: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4274,27 +4355,27 @@ msgstr ""
"ます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr "初期値: 86400 (24 時間)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr "krb5_server, krb5_backup_server (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4306,7 +4387,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4317,7 +4398,7 @@ msgstr ""
"ば _tcp にフォールバックします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4328,27 +4409,27 @@ msgstr ""
"quote> を使用するよう設定ファイルを移行することが推奨されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
@@ -4357,12 +4438,12 @@ msgstr ""
"します。この機能は MIT Kerberos >= 1.7 で利用可能です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4371,7 +4452,7 @@ msgstr ""
"す。以下の値が許容されます:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4380,7 +4461,7 @@ msgstr ""
"ンはサーバー側のパスワードポリシーを無効にできません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -4391,7 +4472,7 @@ msgstr ""
"manvolnum></citerefentry> 形式の属性を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -4401,18 +4482,23 @@ msgstr ""
"ために MIT Kerberos により使用される属性を使用します。パスワードが変更される"
"とき、これらの属性を更新するために chpass_provider=krb5 を使用します。"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr "初期値: none"
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr "自動参照追跡が有効化されるかを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -4421,7 +4507,7 @@ msgstr ""
"sssd のみが参照追跡をサポートすることに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4430,28 +4516,28 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"サービス検索が有効にされているときに使用するサービスの名前を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr "初期値: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4460,29 +4546,29 @@ msgstr ""
"を検索するために使用するサービスの名前を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4493,12 +4579,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr "例:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4510,7 +4596,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -4519,7 +4605,7 @@ msgstr ""
"ンバーに制限されることを意味します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4532,17 +4618,17 @@ msgstr ""
"た同様です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr "初期値: 空白"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4551,7 +4637,7 @@ msgstr ""
"ます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4562,12 +4648,12 @@ msgstr ""
"否します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr "以下の値が許可されます:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -4576,7 +4662,7 @@ msgstr ""
"ldap_user_shadow_expire の値を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4585,7 +4671,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4596,7 +4682,7 @@ msgstr ""
"ldap_ns_account_lock の値を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4609,28 +4695,28 @@ msgstr ""
"クセスが許可されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -4639,30 +4725,30 @@ msgstr ""
"authorizedService 属性を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr "初期値: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr "値が複数使用されていると設定エラーになることに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr "ldap_deref (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -4671,12 +4757,12 @@ msgstr ""
"ションが許容されます:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -4685,7 +4771,7 @@ msgstr ""
"決されますが、検索のベースオブジェクトの位置を探すときはされません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -4694,7 +4780,7 @@ msgstr ""
"すときのみ参照解決されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -4703,7 +4789,7 @@ msgstr ""
"きも位置を検索するときも参照解決されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -4711,6 +4797,39 @@ msgstr ""
"初期値: 空白(LDAP クライアントライブラリにより <emphasis>never</emphasis> と"
"して取り扱われます)"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+#, fuzzy
+#| msgid "ldap_krb5_init_creds (boolean)"
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr "ldap_krb5_init_creds (論理値)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4727,57 +4846,57 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr "SUDO オプション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr "初期値: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "sudo ルール名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr "コマンド名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr "初期値: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -4786,17 +4905,17 @@ msgstr ""
"クグループ)に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr "初期値: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -4805,49 +4924,49 @@ msgstr ""
"る LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr "初期値: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "sudo オプションに対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr "初期値: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr "初期値: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -4855,34 +4974,34 @@ msgstr ""
"コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr "初期値: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr "初期値: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -4891,39 +5010,39 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr "初期値: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr "初期値: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
-msgstr ""
+msgstr "ldap_sudo_full_refresh_interval (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -4932,17 +5051,17 @@ msgstr ""
"ります"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr "初期値: 21600 (6 時間)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4950,31 +5069,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -4983,15 +5102,15 @@ msgstr ""
"区切り一覧です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -5000,17 +5119,17 @@ msgstr ""
"ならば、このオプションは効果を持ちません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr "初期値: 指定なし"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -5019,7 +5138,7 @@ msgstr ""
"アドレスの空白区切り一覧です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -5027,36 +5146,36 @@ msgstr ""
"このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5068,59 +5187,59 @@ msgstr ""
"refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr "AUTOFS オプション"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr "初期値は RFC2307 の標準スキーマに対応することに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr "初期値: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr "LDAP における automount のマップエントリーの名前です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr "初期値: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -5129,17 +5248,17 @@ msgstr ""
"ントと対応します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr "初期値: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5152,32 +5271,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr "高度なオプション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
@@ -5186,7 +5305,7 @@ msgstr ""
"定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
@@ -5195,7 +5314,7 @@ msgstr ""
"<emphasis>廃止されます</emphasis>。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5205,7 +5324,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
@@ -5214,12 +5333,12 @@ msgstr ""
"制限されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
@@ -5228,7 +5347,7 @@ msgstr ""
"定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
@@ -5237,17 +5356,17 @@ msgstr ""
"<emphasis>廃止されます</emphasis>。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5258,7 +5377,7 @@ msgstr ""
"さい。 <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5269,8 +5388,17 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
-#, no-wrap
+#: sssd-ldap.5.xml:2316
+#, fuzzy, no-wrap
+#| msgid ""
+#| " [domain/LDAP]\n"
+#| " id_provider = ldap\n"
+#| " auth_provider = ldap\n"
+#| " ldap_uri = ldap://ldap.mydomain.org\n"
+#| " ldap_search_base = dc=mydomain,dc=org\n"
+#| " ldap_tls_reqcert = demand\n"
+#| " cache_credentials = true\n"
+#| " enumerate = true\n"
msgid ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -5279,7 +5407,6 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -5291,19 +5418,20 @@ msgstr ""
" enumerate = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "注記"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5672,7 +5800,7 @@ msgstr ""
"ンの中のグループのみに適用されます。ローカルグループは評価されません。"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5687,6 +5815,14 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
@@ -5694,7 +5830,7 @@ msgstr ""
"なることに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5705,7 +5841,7 @@ msgstr ""
"セスプロバイダー固有の簡単なオプションのみを示します。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5780,13 +5916,21 @@ msgstr ""
"セスプロバイダーが設定されていなければ、クライアント側において必要になりま"
"す。"
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr "ipa_domain (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
@@ -5795,12 +5939,12 @@ msgstr ""
"ドメイン名が使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5810,12 +5954,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr "ipa_hostname (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
@@ -5824,12 +5968,12 @@ msgstr ""
"使用される完全修飾名を反映しないマシンにおいて設定されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr "ipa_dyndns_update (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
@@ -5838,7 +5982,7 @@ msgstr ""
"レスを組み込む DNS サーバーを自動的に更新するよう SSSD に通知します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
@@ -5848,12 +5992,34 @@ msgstr ""
"要があります"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+#, fuzzy
+#| msgid "pam_id_timeout (integer)"
+msgid "ipa_dyndns_ttl (integer)"
+msgstr "pam_id_timeout (整数)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 5 (seconds)"
+msgid "Default: 1200 (seconds)"
+msgstr "初期値: 5 (秒)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr "ipa_dyndns_iface (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
@@ -5862,41 +6028,41 @@ msgstr ""
"ために使用される IP アドレスのインターフェースを選択します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "初期値: IPA LDAP 接続の IP アドレスを使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
"オプションです。与えられた文字列を HBAC 関連オブジェクトに対する検索ベースと"
"して使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr "初期値: ベース DN を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr "ipa_host_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
"オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し"
"ます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
@@ -5905,7 +6071,7 @@ msgstr ""
"してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5916,62 +6082,62 @@ msgstr ""
"と、フィルターは無視されます。"
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr "ipa_selinux_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
"オプションです。与えられた文字列を SELinux ユーザーマップに対する検索ベースと"
"して使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr "ipa_subdomains_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
"オプションです。信頼されたドメインに対する検索ベースとして、与えられた文字列"
"を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "初期値: <emphasis>cn=trusts,%basedn</emphasis> の値"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr "初期値: <emphasis>cn=ad,cn=etc,%basedn</emphasis> の値"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
@@ -5979,7 +6145,7 @@ msgstr ""
"取得された TGT が改ざんされていないかを krb5_keytab の支援で確認します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -5988,7 +6154,7 @@ msgstr ""
"してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
@@ -5997,7 +6163,7 @@ msgstr ""
"quote> の値です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
@@ -6006,7 +6172,7 @@ msgstr ""
"めに使用するベース DN に変換されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -6016,12 +6182,12 @@ msgstr ""
"するかを指定します。この機能は MIT Kerberos >= 1.7 で利用可能です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6029,17 +6195,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr "初期値: 5 (秒)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+#, fuzzy
+#| msgid "ipa_hbac_refresh (integer)"
+msgid "ipa_hbac_selinux (integer)"
+msgstr "ipa_hbac_refresh (整数)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -6053,7 +6234,7 @@ msgstr ""
"操作をサポートします:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
@@ -6062,7 +6243,7 @@ msgstr ""
"てのユーザーがアクセスを拒否されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
@@ -6072,17 +6253,17 @@ msgstr ""
"注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr "初期値: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr "ipa_hbac_support_srchost (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
@@ -6091,7 +6272,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
@@ -6101,37 +6282,37 @@ msgstr ""
"ようになることに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr "ipa_automount_location (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr "この IPA クライアントが使用する automounter の場所です"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr "初期値: \"default\" という名前の場所"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr "ipa_netgroup_member_of (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr "ネットワークグループのメンバーを一覧にする LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr "ipa_netgroup_member_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
@@ -6140,17 +6321,17 @@ msgstr ""
"る LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr "初期値: memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
@@ -6159,17 +6340,17 @@ msgstr ""
"LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr "初期値: memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
@@ -6178,100 +6359,100 @@ msgstr ""
"る LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr "初期値: externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr "ネットワークグループの NIS ドメイン名を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr "初期値: nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr "LDAP にあるホストエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr "初期値: ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr "ipa_host_fqdn (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr "ホストの FQDN を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr "初期値: fqdn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr "ipa_selinux_usermap_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr "ipa_selinux_usermap_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr "SELinux ユーザーマップの名前を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr "ipa_selinux_usermap_member_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr "このルールが一致するすべてのユーザー・グループを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr "ipa_selinux_usermap_member_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr "このルールが一致するホスト・ホストグループを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr "ipa_selinux_usermap_see_also (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
@@ -6280,32 +6461,32 @@ msgstr ""
"む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr "初期値: seeAlso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr "ipa_selinux_usermap_selinux_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr "SELinux ユーザー文字列自身を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr "初期値: ipaSELinuxUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr "ipa_selinux_usermap_enabled (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
@@ -6313,72 +6494,104 @@ msgstr ""
"ユーザーマップが使用するために有効化されているかどうかを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr "初期値: ipaEnabledFlag"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr "ipa_selinux_usermap_user_category (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr "'all' のようなユーザーカテゴリーを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr "初期値: userCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr "ipa_selinux_usermap_host_category (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr "'all' のようなホストカテゴリーを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr "初期値: hostCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr "ipa_selinux_usermap_uuid (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr "ユーザーマップの一意な ID を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr "初期値: ipaUniqueID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr "ipa_host_ssh_public_key (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr "ホストの SSH 公開鍵を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr "初期値: ipaSshPubKey"
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6389,7 +6602,7 @@ msgstr ""
"例は IPA プロバイダー固有のオプションのみを示しています。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -6494,7 +6707,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:99
msgid "ad_server, ad_backup_server (string)"
-msgstr ""
+msgstr "ad_server, ad_backup_server (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:102
@@ -6537,9 +6750,11 @@ msgid ""
"fallback_homedir = /home/%u\n"
" "
msgstr ""
+"fallback_homedir = /home/%u\n"
+" "
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6550,7 +6765,7 @@ msgstr ""
"AD プロバイダー固有のオプションのみ示してします。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6573,9 +6788,31 @@ msgstr ""
"ad_hostname = client.example.com\n"
"ad_domain = example.com\n"
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
+msgstr "sssd-sudo"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
@@ -6615,7 +6852,7 @@ msgstr ""
#: sssd-sudo.5.xml:57
#, no-wrap
msgid "sudoers: files sss\n"
-msgstr ""
+msgstr "sudoers: files sss\n"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:61
@@ -6630,7 +6867,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:72
msgid "Configuring SSSD to fetch sudo rules"
-msgstr ""
+msgstr "sudo ルールを取得するよう SSSD を設定する方法"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:74
@@ -6779,8 +7016,8 @@ msgstr "keyword ALL"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
-msgstr "正規表現"
+msgid "wildcard"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:173
@@ -8951,7 +9188,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -9149,7 +9386,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: include/ldap_id_mapping.xml:117
msgid "Default: 2000200000"
-msgstr ""
+msgstr "初期値: 2000200000"
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
#: include/ldap_id_mapping.xml:122
@@ -9230,7 +9467,7 @@ msgstr ""
#. type: Content of: <varlistentry><term>
#: include/param_help.xml:3
msgid "<option>-?</option>,<option>--help</option>"
-msgstr ""
+msgstr "<option>-?</option>,<option>--help</option>"
#. type: Content of: <varlistentry><listitem><para>
#: include/param_help.xml:7 include/param_help_py.xml:7
@@ -9405,6 +9642,45 @@ msgstr "関連項目"
#. type: Content of: <refsect1><para>
#: include/seealso.xml:4
+#, fuzzy
+#| msgid ""
+#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> "
+#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> "
+#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+#| "manvolnum> </citerefentry>, </phrase> <citerefentry> "
+#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>."
msgid ""
"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
@@ -9439,7 +9715,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
@@ -9536,3 +9812,6 @@ msgid ""
"any autofs-related changes are made to the sssd.conf, you typically also "
"need to restart the automounter daemon after restarting the SSSD."
msgstr ""
+
+#~ msgid "regular expression"
+#~ msgstr "正規表現"
diff --git a/src/man/po/lv.po b/src/man/po/lv.po
new file mode 100644
index 000000000..c1d353a0d
--- /dev/null
+++ b/src/man/po/lv.po
@@ -0,0 +1,8406 @@
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Red Hat
+# This file is distributed under the same license as the sssd-docs package.
+#
+# Translators:
+# Kristaps <krkadikis@inbox.lv>, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: SSSD\n"
+"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
+"PO-Revision-Date: 2012-10-25 17:03+0000\n"
+"Last-Translator: Kristaps <krkadikis@inbox.lv>\n"
+"Language-Team: Latvian (http://www.transifex.com/projects/p/fedora/language/"
+"lv/)\n"
+"Language: lv\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n != 0 ? 1 : "
+"2);\n"
+
+#. type: Content of: <reference><title>
+#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
+#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5
+#: sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5
+#: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5
+#: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5
+#: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5
+#: sss_seed.8.xml:5 sss_ssh_authorizedkeys.1.xml:5
+#: sss_ssh_knownhostsproxy.1.xml:5
+msgid "SSSD Manual pages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
+msgid "sss_groupmod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11
+#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11
+#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11
+#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11
+#: sss_debuglevel.8.xml:11 sss_seed.8.xml:11
+msgid "8"
+msgstr "8"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupmod.8.xml:16
+msgid "modify a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupmod.8.xml:21
+msgid ""
+"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44
+#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21
+#: sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30
+#: sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30
+#: sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30
+#: sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30
+#: sss_seed.8.xml:31 sss_ssh_authorizedkeys.1.xml:30
+#: sss_ssh_knownhostsproxy.1.xml:31
+msgid "DESCRIPTION"
+msgstr "APRAKSTS"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:32
+msgid ""
+"<command>sss_groupmod</command> modifies the group to reflect the changes "
+"that are specified on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
+#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39
+#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39
+#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42
+#: sss_ssh_authorizedkeys.1.xml:75 sss_ssh_knownhostsproxy.1.xml:62
+msgid "OPTIONS"
+msgstr "IESPĒJAS"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77
+msgid ""
+"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:48
+msgid ""
+"Append this group to groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
+"a comma separated list of group names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91
+msgid ""
+"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:62
+msgid ""
+"Remove this group from groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.conf.5.xml:10 sssd.conf.5.xml:16
+msgid "sssd.conf"
+msgstr "sssd.conf"
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
+#: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11
+msgid "5"
+msgstr "5"
+
+#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
+#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
+#: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12
+msgid "File Formats and Conventions"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
+msgid "the configuration file for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:21
+msgid "FILE FORMAT"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:29
+#, no-wrap
+msgid ""
+" <replaceable>[section]</replaceable>\n"
+" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
+" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:24
+msgid ""
+"The file has an ini-style syntax and consists of sections and parameters. A "
+"section begins with the name of the section in square brackets and continues "
+"until the next section begins. An example of section with single and multi-"
+"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:36
+msgid ""
+"The data types used are string (no quotes needed), integer and bool (with "
+"values of <quote>TRUE/FALSE</quote>)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:41
+msgid ""
+"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
+"(<quote>;</quote>). Inline comments are not supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:47
+msgid ""
+"All sections can have an optional <replaceable>description</replaceable> "
+"parameter. Its function is only as a label for the section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:53
+msgid ""
+"<filename>sssd.conf</filename> must be a regular file, owned by root and "
+"only root may read from or write to the file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:59
+msgid "SPECIAL SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:62
+msgid "The [sssd] section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
+msgid "Section parameters"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:73
+msgid "config_file_version (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:76
+msgid ""
+"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
+"version 2."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:82
+msgid "services"
+msgstr "pakalpojumi"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:85
+msgid ""
+"Comma separated list of services that are started when sssd itself starts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:89
+msgid ""
+"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> "
+"<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition="
+"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</"
+"phrase>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
+msgid "reconnection_retries (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
+msgid ""
+"Number of times services should attempt to reconnect in the event of a Data "
+"Provider crash or restart before they give up"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
+msgid "Default: 3"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:111
+msgid "domains"
+msgstr "domēni"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:114
+msgid ""
+"A domain is a database containing user information. SSSD can use more "
+"domains at the same time, but at least one must be configured or SSSD won't "
+"start. This parameter described the list of domains in the order you want "
+"them to be queried."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
+msgid "re_expression (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:127
+msgid ""
+"Default regular expression that describes how to parse the string containing "
+"user name and domain into these components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:132
+msgid ""
+"Each domain can have an individual regular expression configured. For some "
+"ID providers there are also default regular expressions. See DOMAIN "
+"SECTIONS for more info on these regular expressions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
+msgid "full_name_format (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:144
+msgid ""
+"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
+"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
+"how to translate a (name, domain) tuple into a fully qualified name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:152
+msgid ""
+"Each domain can have an individual format string configured. see DOMAIN "
+"SECTIONS for more info on this option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:158
+msgid "try_inotify (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:161
+msgid ""
+"SSSD monitors the state of resolv.conf to identify when it needs to update "
+"its internal DNS resolver. By default, we will attempt to use inotify for "
+"this, and will fall back to polling resolv.conf every five seconds if "
+"inotify cannot be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:169
+msgid ""
+"There are some limited situations where it is preferred that we should skip "
+"even trying to use inotify. In these rare cases, this option should be set "
+"to 'false'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:175
+msgid ""
+"Default: true on platforms where inotify is supported. False on other "
+"platforms."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:179
+msgid ""
+"Note: this option will have no effect on platforms where inotify is "
+"unavailable. On these platforms, polling will always be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:186
+msgid "krb5_rcache_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:189
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:193
+msgid ""
+"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
+"SSSD to let libkrb5 decide the appropriate location for the replay cache."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:199
+msgid ""
+"Default: Distribution-specific and specified at build-time. "
+"(__LIBKRB5_DEFAULTS__ if not configured)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:206
+msgid "default_domain_suffix (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:209
+msgid ""
+"This string will be used as a default domain name for all names without a "
+"domain name component. The main use case is environments where the primary "
+"domain is intended for managing host policies and all users are located in a "
+"trusted domain. The option allows those users to log in just with their "
+"user name without giving a domain name as well."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:219
+msgid ""
+"Please note that if this option is set all users from the primary domain "
+"have to use their fully qualified name, e.g. user@domain.name, to log in."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
+#: include/ldap_id_mapping.xml:156
+msgid "Default: not set"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:64
+msgid ""
+"Individual pieces of SSSD functionality are provided by special SSSD "
+"services that are started and stopped together with SSSD. The services are "
+"managed by a special service frequently called <quote>monitor</quote>. The "
+"<quote>[sssd]</quote> section is used to configure the monitor as well as "
+"some other important options like the identity domains. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:236
+msgid "SERVICES SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:238
+msgid ""
+"Settings that can be used to configure different services are described in "
+"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
+"section, for example, for NSS service, the section would be <quote>[nss]</"
+"quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:245
+msgid "General service configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:247
+msgid "These options can be used to configure any service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:251
+msgid "debug_level (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:255
+msgid "debug_timestamps (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:258
+msgid "Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
+msgid "Default: true"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:266
+msgid "debug_microseconds (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:269
+msgid "Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
+msgid "Default: false"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:277
+msgid "timeout (integer)"
+msgstr "noildze (vesels skaitlis)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:280
+msgid ""
+"Timeout in seconds between heartbeats for this service. This is used to "
+"ensure that the process is alive and capable of answering requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
+msgid "Default: 10"
+msgstr "Noklusējuma: 10"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:303
+msgid "fd_limit"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:306
+msgid ""
+"This option specifies the maximum number of file descriptors that may be "
+"opened at one time by this SSSD process. On systems where SSSD is granted "
+"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On "
+"systems without this capability, the resulting value will be the lower value "
+"of this or the limits.conf \"hard\" limit."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:315
+msgid "Default: 8192 (or limits.conf \"hard\" limit)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:320
+msgid "client_idle_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:323
+msgid ""
+"This option specifies the number of seconds that a client of an SSSD process "
+"can hold onto a file descriptor without communicating on it. This value is "
+"limited in order to avoid resource exhaustion on the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr "Noklusējuma: 60"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:354
+msgid "NSS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:356
+msgid ""
+"These options can be used to configure the Name Service Switch (NSS) service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:361
+msgid "enum_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:364
+msgid ""
+"How many seconds should nss_sss cache enumerations (requests for info about "
+"all users)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:368
+msgid "Default: 120"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:373
+msgid "entry_cache_nowait_percentage (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:376
+msgid ""
+"The entry cache can be set to automatically update entries in the background "
+"if they are requested beyond a percentage of the entry_cache_timeout value "
+"for the domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:382
+msgid ""
+"For example, if the domain's entry_cache_timeout is set to 30s and "
+"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
+"after 15 seconds past the last cache update will be returned immediately, "
+"but the SSSD will go and update the cache on its own, so that future "
+"requests will not need to block waiting for a cache update."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:392
+msgid ""
+"Valid values for this option are 0-99 and represent a percentage of the "
+"entry_cache_timeout for each domain. For performance reasons, this "
+"percentage will never reduce the nowait timeout to less than 10 seconds. (0 "
+"disables this feature)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:400
+msgid "Default: 50"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:405
+msgid "entry_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:408
+msgid ""
+"Specifies for how many seconds nss_sss should cache negative cache hits "
+"(that is, queries for invalid database entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
+msgid "Default: 15"
+msgstr "Noklusējuma: 15"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:419
+msgid "filter_users, filter_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:422
+msgid ""
+"Exclude certain users from being fetched from the sss NSS database. This is "
+"particularly useful for system accounts. This option can also be set per-"
+"domain or include fully-qualified names to filter only users from the "
+"particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:429
+msgid "Default: root"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:434
+msgid "filter_users_in_groups (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:437
+msgid ""
+"If you want filtered user still be group members set this option to false."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:446 sssd-ad.5.xml:132
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:455 sssd-ad.5.xml:141 sssd-krb5.5.xml:169
+msgid "%u"
+msgstr "%u"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:456 sssd-ad.5.xml:142 sssd-krb5.5.xml:170
+msgid "login name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:459 sssd-ad.5.xml:145 sssd-krb5.5.xml:173
+msgid "%U"
+msgstr "%U"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:460 sssd-ad.5.xml:146
+msgid "UID number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:463 sssd-ad.5.xml:149 sssd-krb5.5.xml:191
+msgid "%d"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:464 sssd-ad.5.xml:150
+msgid "domain name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:467 sssd-ad.5.xml:153
+msgid "%f"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:468 sssd-ad.5.xml:154
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+msgid "%%"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:449 sssd-ad.5.xml:135
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
+#, no-wrap
+msgid ""
+"override_homedir = /home/%u\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
+msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
+msgid "fallback_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
+msgid ""
+"Set a default template for a user's home directory if one is not specified "
+"explicitly by the domain's data provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
+msgid ""
+"The available values for this option are the same as for override_homedir."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
+msgid "Default: not set (no substitution for unset home directories)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:524
+msgid "override_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:527
+msgid ""
+"Override the login shell for all users. This option can be specified "
+"globally in the [nss] section or per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:532
+msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:538
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:541
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:544
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:548
+msgid ""
+"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
+"quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:553
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
+"shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:558
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:561
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:565
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:570
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:573
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:578
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:581
+msgid ""
+"The default shell to use if an allowed shell is not installed on the machine."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:585
+msgid "Default: /bin/sh"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
+msgid "default_shell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
+msgid ""
+"The default shell to use if the provider does not return one during lookup. "
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
+msgid ""
+"Default: not set (Return NULL if no shell is specified and rely on libc to "
+"substitute something sensible when necessary, usually /bin/sh)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
+msgid "get_domains_timeout (int)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
+msgid ""
+"Specifies time in seconds for which the list of subdomains will be "
+"considered valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:618
+msgid "memcache_timeout (int)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:621
+msgid ""
+"Specifies time in seconds for which records in the in-memory cache will be "
+"valid"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
+msgid "Default: 300"
+msgstr "Noklusējuma: 300"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:632
+msgid "PAM configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:634
+msgid ""
+"These options can be used to configure the Pluggable Authentication Module "
+"(PAM) service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:639
+msgid "offline_credentials_expiration (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:642
+msgid ""
+"If the authentication provider is offline, how long should we allow cached "
+"logins (in days since the last successful online login)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
+msgid "Default: 0 (No limit)"
+msgstr "Noklusējuma: 0 (bez ierobežojuma)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:653
+msgid "offline_failed_login_attempts (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:656
+msgid ""
+"If the authentication provider is offline, how many failed login attempts "
+"are allowed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:666
+msgid "offline_failed_login_delay (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:669
+msgid ""
+"The time in minutes which has to pass after offline_failed_login_attempts "
+"has been reached before a new login attempt is possible."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:674
+msgid ""
+"If set to 0 the user cannot authenticate offline if "
+"offline_failed_login_attempts has been reached. Only a successful online "
+"authentication can enable offline authentication again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
+msgid "Default: 5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:686
+msgid "pam_verbosity (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:689
+msgid ""
+"Controls what kind of messages are shown to the user during authentication. "
+"The higher the number to more messages are displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:694
+msgid "Currently sssd supports the following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:697
+msgid "<emphasis>0</emphasis>: do not show any message"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:700
+msgid "<emphasis>1</emphasis>: show only important messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:704
+msgid "<emphasis>2</emphasis>: show informational messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:707
+msgid "<emphasis>3</emphasis>: show all messages and debug information"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:711 sssd.8.xml:63
+msgid "Default: 1"
+msgstr "Noklusējuma: 1"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:716
+msgid "pam_id_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:719
+msgid ""
+"For any PAM request while SSSD is online, the SSSD will attempt to "
+"immediately update the cached identity information for the user in order to "
+"ensure that authentication takes place with the latest information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:725
+msgid ""
+"A complete PAM conversation may perform multiple PAM requests, such as "
+"account management and session opening. This option controls (on a per-"
+"client-application basis) how long (in seconds) we can cache the identity "
+"information to avoid excessive round-trips to the identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:739
+msgid "pam_pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
+msgid "Display a warning N days before the password expires."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:745
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
+msgid ""
+"If zero is set, then this filter is not applied, i.e. if the expiration "
+"warning was received from backend server, it will automatically be displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:756
+msgid ""
+"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
+"emphasis> for a particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:761 sssd.8.xml:79
+msgid "Default: 0"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:781
+msgid "SUDO configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:783
+msgid "These options can be used to configure the sudo service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:787
+msgid "sudo_timed (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:790
+msgid ""
+"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
+"that implement time-dependent sudoers entries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:803
+msgid "AUTOFS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:805
+msgid "These options can be used to configure the autofs service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:809
+msgid "autofs_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:812
+msgid ""
+"Specifies for how many seconds should the autofs responder negative cache "
+"hits (that is, queries for invalid map entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:828
+msgid "SSH configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:830
+msgid "These options can be used to configure the SSH service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:834
+msgid "ssh_hash_known_hosts (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:837
+msgid ""
+"Whether or not to hash host names and addresses in the managed known_hosts "
+"file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
+msgid "PAC responder configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:863
+msgid ""
+"The PAC responder works together with the authorization data plugin for MIT "
+"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
+"PAC data during a GSSAPI authentication to the PAC responder. The sub-domain "
+"provider collects domain SID and ID ranges of the domain the client is "
+"joined to and of remote trusted domains from the local domain controller. "
+"If the PAC is decoded and evaluated some of the following operations are "
+"done:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:872
+msgid ""
+"If the remote user does not exist in the cache, it is created. The uid is "
+"calculated based on the SID, trusted domains will have UPGs and the gid will "
+"have the same value as the uid. The home directory is set based on the "
+"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
+"system defaults are used, but can be overwritten with the default_shell "
+"parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:880
+msgid ""
+"If there are SIDs of groups from the domain the sssd client belongs to, the "
+"user will be added to those groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:886
+msgid "These options can be used to configure the PAC responder."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:890
+msgid "allowed_uids (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:893
+msgid ""
+"Specifies the comma-separated list of UID values or user names that are "
+"allowed to access the PAC responder. User names are resolved to UIDs at "
+"startup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:899
+msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:903
+msgid ""
+"Please note that although the UID 0 is used as the default it will be "
+"overwritten with this option. If you still want to allow the root user to "
+"access the PAC responder, which would be the typical case, you have to add 0 "
+"to the list of allowed UIDs as well."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:917
+msgid "DOMAIN SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:924
+msgid "min_id,max_id (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:927
+msgid ""
+"UID and GID limits for the domain. If a domain contains an entry that is "
+"outside these limits, it is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:932
+msgid ""
+"For users, this affects the primary GID limit. The user will not be returned "
+"to NSS if either the UID or the primary GID is outside the range. For non-"
+"primary group memberships, those that are in range will be reported as "
+"expected."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:939
+msgid "Default: 1 for min_id, 0 (no limit) for max_id"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:945
+msgid "enumerate (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:948
+msgid ""
+"Determines if a domain can be enumerated. This parameter can have one of the "
+"following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:952
+msgid "TRUE = Users and groups are enumerated"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:955
+msgid "FALSE = No enumerations for this domain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
+msgid "Default: FALSE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:961
+msgid ""
+"Note: Enabling enumeration has a moderate performance impact on SSSD while "
+"enumeration is running. It may take up to several minutes after SSSD startup "
+"to fully complete enumerations. During this time, individual requests for "
+"information will go directly to LDAP, though it may be slow, due to the "
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:974
+msgid ""
+"While the first enumeration is running, requests for the complete user or "
+"group lists may return no results until it completes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:979
+msgid ""
+"Further, enabling enumeration may increase the time necessary to detect "
+"network disconnection, as longer timeouts are required to ensure that "
+"enumeration lookups are completed successfully. For more information, refer "
+"to the man pages for the specific id_provider in use."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1011
+msgid "entry_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1014
+msgid ""
+"How many seconds should nss_sss consider entries valid before asking the "
+"backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1018
+msgid "Default: 5400"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1024
+msgid "entry_cache_user_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1027
+msgid ""
+"How many seconds should nss_sss consider user entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
+msgid "Default: entry_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1037
+msgid "entry_cache_group_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1040
+msgid ""
+"How many seconds should nss_sss consider group entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1050
+msgid "entry_cache_netgroup_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1053
+msgid ""
+"How many seconds should nss_sss consider netgroup entries valid before "
+"asking the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1063
+msgid "entry_cache_service_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1066
+msgid ""
+"How many seconds should nss_sss consider service entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1076
+msgid "entry_cache_sudo_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1079
+msgid ""
+"How many seconds should sudo consider rules valid before asking the backend "
+"again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1089
+msgid "entry_cache_autofs_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1092
+msgid ""
+"How many seconds should the autofs service consider automounter maps valid "
+"before asking the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1103
+msgid "cache_credentials (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1106
+msgid "Determines if user credentials are also cached in the local LDB cache"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1110
+msgid "User credentials are stored in a SHA512 hash, not in plaintext"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1119
+msgid "account_cache_expiration (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1122
+msgid ""
+"Number of days entries are left in cache after last successful login before "
+"being removed during a cleanup of the cache. 0 means keep forever. The "
+"value of this parameter must be greater than or equal to "
+"offline_credentials_expiration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1129
+msgid "Default: 0 (unlimited)"
+msgstr "Noklusējuma: 0 (neierobežots)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1134
+msgid "pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1145
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning. Also an auth provider has to be configured for the "
+"backend."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1152
+msgid "Default: 7 (Kerberos), 0 (LDAP)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1158
+msgid "id_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1161
+msgid ""
+"The identification provider used for the domain. Supported ID providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1168
+msgid "<quote>local</quote>: SSSD internal provider for local users"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1172
+msgid ""
+"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
+"information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
+msgid ""
+"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
+"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
+"FreeIPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
+msgid ""
+"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Active Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1200
+msgid "use_fully_qualified_names (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1203
+msgid ""
+"Use the full name and domain (as formatted by the domain's full_name_format) "
+"as the user's login name reported to NSS."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1208
+msgid ""
+"If set to TRUE, all requests to this domain must use fully qualified names. "
+"For example, if used in LOCAL domain that contains a \"test\" user, "
+"<command>getent passwd test</command> wouldn't find the user while "
+"<command>getent passwd test@LOCAL</command> would."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
+msgid "auth_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1241
+msgid ""
+"The authentication provider used for the domain. Supported auth providers "
+"are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
+msgid ""
+"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1252
+msgid ""
+"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1276
+msgid ""
+"<quote>proxy</quote> for relaying authentication to some other PAM target."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1279
+msgid "<quote>none</quote> disables authentication explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1282
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"authentication requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1288
+msgid "access_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1291
+msgid ""
+"The access control provider used for the domain. There are two built-in "
+"access providers (in addition to any included in installed backends) "
+"Internal special providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1297
+msgid ""
+"<quote>permit</quote> always allow access. It's the only permitted access "
+"provider for a local domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1300
+msgid "<quote>deny</quote> always deny access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1327
+msgid ""
+"<quote>simple</quote> access control based on access or deny lists. See "
+"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> for more information on configuring the simple "
+"access module."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1334
+msgid "Default: <quote>permit</quote>"
+msgstr "Noklusējuma: <quote>atļaut</quote>"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1339
+msgid "chpass_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1342
+msgid ""
+"The provider which should handle change password operations for the domain. "
+"Supported change password providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1347
+msgid ""
+"<quote>ldap</quote> to change a password stored in a LDAP server. See "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1355
+msgid ""
+"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1380
+msgid ""
+"<quote>proxy</quote> for relaying password changes to some other PAM target."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1384
+msgid "<quote>none</quote> disallows password changes explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1387
+msgid ""
+"Default: <quote>auth_provider</quote> is used if it is set and can handle "
+"change password requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1394
+msgid "sudo_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1397
+msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1401
+msgid ""
+"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1408
+msgid "<quote>none</quote> disables SUDO explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
+msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1417
+msgid "selinux_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1420
+msgid ""
+"The provider which should handle loading of selinux settings. Note that this "
+"provider will be called right after access provider ends. Supported selinux "
+"providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1426
+msgid ""
+"<quote>ipa</quote> to load selinux settings from an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1434
+msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1437
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"selinux loading requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1443
+msgid "subdomains_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1446
+msgid ""
+"The provider which should handle fetching of subdomains. This value should "
+"be always the same as id_provider. Supported subdomain providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1452
+msgid ""
+"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1461
+msgid "<quote>none</quote> disallows fetching subdomains explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1472
+msgid "autofs_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1475
+msgid ""
+"The autofs provider used for the domain. Supported autofs providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1479
+msgid ""
+"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1486
+msgid ""
+"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
+"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1494
+msgid "<quote>none</quote> disables autofs explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1504
+msgid "hostid_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1507
+msgid ""
+"The provider used for retrieving host identity information. Supported "
+"hostid providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1511
+msgid ""
+"<quote>ipa</quote> to load host identity stored in an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1519
+msgid "<quote>none</quote> disables hostid explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1532
+msgid ""
+"Regular expression for this domain that describes how to parse the string "
+"containing user name and domain into these components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1537
+msgid ""
+"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
+"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
+"P&lt;name&gt;[^@\\\\]+)$))</quote> which allows three different styles for "
+"user names:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1542
+msgid "username"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1545
+msgid "username@domain.name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1548
+msgid "domain\\username"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1551
+msgid ""
+"While the first two correspond to the general default the third one is "
+"introduced to allow easy integration of users from Windows domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1556
+msgid ""
+"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
+"which translates to \"the name is everything up to the <quote>@</quote> "
+"sign, the domain everything after that\""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1562
+msgid ""
+"PLEASE NOTE: the support for non-unique named subpatterns is not available "
+"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
+"version 7 or higher can support non-unique named subpatterns."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1569
+msgid ""
+"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
+"P&lt;name&gt;) to label subpatterns."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1579
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to translate "
+"a (name, domain) tuple for this domain into a fully qualified name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1587
+msgid "Default: <quote>%1$s@%2$s</quote>."
+msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1593
+msgid "lookup_family_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1596
+msgid ""
+"Provides the ability to select preferred address family to use when "
+"performing DNS lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1600
+msgid "Supported values:"
+msgstr "Atbalstītās vērtības:"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1603
+msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1606
+msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1609
+msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1612
+msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1615
+msgid "Default: ipv4_first"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1621
+msgid "dns_resolver_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1624
+msgid ""
+"Defines the amount of time (in seconds) to wait for a reply from the DNS "
+"resolver before assuming that it is unreachable. If this timeout is reached, "
+"the domain will continue to operate in offline mode."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1636
+msgid "dns_discovery_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1639
+msgid ""
+"If service discovery is used in the back end, specifies the domain part of "
+"the service discovery DNS query."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1643
+msgid "Default: Use the domain part of machine's hostname"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1649
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1652
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1658
+msgid "case_sensitive (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1661
+msgid ""
+"Treat user and group names as case sensitive. At the moment, this option is "
+"not supported in the local provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1666
+msgid "Default: True"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1672
+msgid "proxy_fast_alias (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1675
+msgid ""
+"When a user or group is looked up by name in the proxy provider, a second "
+"lookup by ID is performed to \"canonicalize\" the name in case the requested "
+"name was an alias. Setting this option to true would cause the SSSD to "
+"perform the ID lookup from cache for performance reasons."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1689
+msgid "subdomain_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1692
+msgid ""
+"Use this homedir as default value for all subdomains within this domain. See "
+"<emphasis>override_homedir</emphasis> for info about possible values."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1697
+msgid ""
+"The value can be overridden by <emphasis>override_homedir</emphasis> option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1701
+msgid "Default: <filename>/home/%d/%u</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:919
+msgid ""
+"These configuration options can be present in a domain configuration "
+"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
+"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1713
+msgid "proxy_pam_target (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1716
+msgid "The proxy target PAM proxies to."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1719
+msgid ""
+"Default: not set by default, you have to take an existing pam configuration "
+"or create a new one and add the service name here."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1727
+msgid "proxy_lib_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1730
+msgid ""
+"The name of the NSS library to use in proxy domains. The NSS functions "
+"searched for in the library are in the form of _nss_$(libName)_$(function), "
+"for example _nss_files_getpwent."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1709
+msgid ""
+"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
+"\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:1742
+msgid "The local domain section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:1744
+msgid ""
+"This section contains settings for domain that stores users and groups in "
+"SSSD native database, that is, a domain that uses "
+"<replaceable>id_provider=local</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1751
+msgid "default_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1754
+msgid "The default shell for users created with SSSD userspace tools."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1758
+msgid "Default: <filename>/bin/bash</filename>"
+msgstr "Noklusējuma: <filename>/bin/bash</filename>"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1763
+msgid "base_directory (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1766
+msgid ""
+"The tools append the login name to <replaceable>base_directory</replaceable> "
+"and use that as the home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1771
+msgid "Default: <filename>/home</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1776
+msgid "create_homedir (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1779
+msgid ""
+"Indicate if a home directory should be created by default for new users. "
+"Can be overridden on command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
+msgid "Default: TRUE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1788
+msgid "remove_homedir (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1791
+msgid ""
+"Indicate if a home directory should be removed by default for deleted "
+"users. Can be overridden on command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1800
+msgid "homedir_umask (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1803
+msgid ""
+"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
+"on a newly created home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1811
+msgid "Default: 077"
+msgstr "Noklusējuma: 077"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1816
+msgid "skel_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1819
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1829
+msgid "Default: <filename>/etc/skel</filename>"
+msgstr "Noklusējuma: <filename>/etc/skel</filename>"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1834
+msgid "mail_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1837
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"default value is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1844
+msgid "Default: <filename>/var/mail</filename>"
+msgstr "Noklusējuma: <filename>/var/mail</filename>"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1849
+msgid "userdel_cmd (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1852
+msgid ""
+"The command that is run after a user is removed. The command us passed the "
+"username of the user being removed as the first and only parameter. The "
+"return code of the command is not taken into account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1858
+msgid "Default: None, no command is run"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
+msgid "EXAMPLE"
+msgstr "PIEMĒRS"
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:1874
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"domains = LDAP\n"
+"services = nss, pam\n"
+"config_file_version = 2\n"
+"\n"
+"[nss]\n"
+"filter_groups = root\n"
+"filter_users = root\n"
+"\n"
+"[pam]\n"
+"\n"
+"[domain/LDAP]\n"
+"id_provider = ldap\n"
+"ldap_uri = ldap://ldap.example.com\n"
+"ldap_search_base = dc=example,dc=com\n"
+"\n"
+"auth_provider = krb5\n"
+"krb5_server = kerberos.example.com\n"
+"krb5_realm = EXAMPLE.COM\n"
+"cache_credentials = true\n"
+"\n"
+"min_id = 10000\n"
+"max_id = 20000\n"
+"enumerate = False\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1870
+msgid ""
+"The following example shows a typical SSSD config. It does not describe "
+"configuration of the domains themselves - refer to documentation on "
+"configuring domains for more details. <placeholder type=\"programlisting\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16
+msgid "sssd-ldap"
+msgstr "sssd-ldap"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:23
+msgid ""
+"This manual page describes the configuration of LDAP domains for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for detailed syntax information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:35
+msgid "You can configure SSSD to use more than one LDAP domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:38
+msgid ""
+"LDAP back end supports id, auth, access and chpass providers. If you want to "
+"authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
+"<command>sssd</command> <emphasis>does not</emphasis> support authentication "
+"over an unencrypted channel. If the LDAP server is used only as an identity "
+"provider, an encrypted channel is not needed. Please refer to "
+"<quote>ldap_access_filter</quote> config option for more information about "
+"using LDAP as an access provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
+#: sssd-krb5.5.xml:63
+msgid "CONFIGURATION OPTIONS"
+msgstr "KONFIGURĒŠANAS IESPĒJAS"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:60
+msgid "ldap_uri, ldap_backup_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:63
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the <quote>FAILOVER</"
+"quote> section for more information on failover and server redundancy. If "
+"neither option is specified, service discovery is enabled. For more "
+"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:73
+msgid "ldap[s]://&lt;host&gt;[:port]"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:76
+msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference to change the password of a user. "
+"Refer to the <quote>FAILOVER</quote> section for more information on "
+"failover and server redundancy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:95
+msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:99
+msgid "Default: empty, i.e. ldap_uri is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:105
+msgid "ldap_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:108
+msgid "The default base DN to use for performing LDAP user operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:112
+msgid ""
+"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
+"syntax:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:116
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:119
+msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:122
+msgid ""
+"The filter must be a valid LDAP search filter as specified by http://www."
+"ietf.org/rfc/rfc2254.txt"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:126
+msgid "Examples:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:129
+msgid ""
+"ldap_search_base = dc=example,dc=com (which is equivalent to) "
+"ldap_search_base = dc=example,dc=com?subtree?"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:134
+msgid ""
+"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
+"(host=thishost)?dc=example.com?subtree?"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:137
+msgid ""
+"Note: It is unsupported to have multiple search bases which reference "
+"identically-named objects (for example, groups with the same name in two "
+"different search bases). This will lead to unpredictable behavior on client "
+"machines."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:144
+msgid ""
+"Default: If not set, the value of the defaultNamingContext or namingContexts "
+"attribute from the RootDSE of the LDAP server is used. If "
+"defaultNamingContext does not exist or has an empty value namingContexts is "
+"used. The namingContexts attribute must have a single value with the DN of "
+"the search base of the LDAP server to make this work. Multiple values are "
+"are not supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:158
+msgid "ldap_schema (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:161
+msgid ""
+"Specifies the Schema Type in use on the target LDAP server. Depending on "
+"the selected schema, the default attribute names retrieved from the servers "
+"may vary. The way that some attributes are handled may also differ."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:168
+msgid "Four schema types are currently supported:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:172
+msgid "rfc2307"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:177
+msgid "rfc2307bis"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:182
+msgid "IPA"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:187
+msgid "AD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:193
+msgid ""
+"The main difference between these schema types is how group memberships are "
+"recorded in the server. With rfc2307, group members are listed by name in "
+"the <emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, "
+"group members are listed by DN and stored in the <emphasis>member</emphasis> "
+"attribute. The AD schema type sets the attributes to correspond with Active "
+"Directory 2008r2 values."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:203
+msgid "Default: rfc2307"
+msgstr "Noklusējuma: rfc2307"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:209
+msgid "ldap_default_bind_dn (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:212
+msgid "The default bind DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:219
+msgid "ldap_default_authtok_type (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:222
+msgid "The type of the authentication token of the default bind DN."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:226
+msgid "The two mechanisms currently supported are:"
+msgstr "Divi pašlaik atbalstītie mehānismi ir:"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:229
+msgid "password"
+msgstr "parole"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:232
+msgid "obfuscated_password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:235
+msgid "Default: password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:241
+msgid "ldap_default_authtok (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:244
+msgid ""
+"The authentication token of the default bind DN. Only clear text passwords "
+"are currently supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:251
+msgid "ldap_user_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:254
+msgid "The object class of a user entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:257
+msgid "Default: posixAccount"
+msgstr "Noklusējuma: posixAccount"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:263
+msgid "ldap_user_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:266
+msgid "The LDAP attribute that corresponds to the user's login name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:270
+msgid "Default: uid"
+msgstr "Noklusējuma: uid"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:276
+msgid "ldap_user_uid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:279
+msgid "The LDAP attribute that corresponds to the user's id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:283
+msgid "Default: uidNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:289
+msgid "ldap_user_gid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:292
+msgid "The LDAP attribute that corresponds to the user's primary group id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+msgid "Default: gidNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:302
+msgid "ldap_user_gecos (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:305
+msgid "The LDAP attribute that corresponds to the user's gecos field."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:309
+msgid "Default: gecos"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:315
+msgid "ldap_user_home_directory (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:318
+msgid "The LDAP attribute that contains the name of the user's home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:322
+msgid "Default: homeDirectory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:328
+msgid "ldap_user_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:331
+msgid "The LDAP attribute that contains the path to the user's default shell."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:335
+msgid "Default: loginShell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:341
+msgid "ldap_user_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:344
+msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+msgid "Default: nsUniqueId"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:354
+msgid "ldap_user_objectsid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:357
+msgid ""
+"The LDAP attribute that contains the objectSID of an LDAP user object. This "
+"is usually only necessary for ActiveDirectory servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+msgid "Default: objectSid for ActiveDirectory, not set for other servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:369
+msgid "ldap_user_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+msgid ""
+"The LDAP attribute that contains timestamp of the last modification of the "
+"parent object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+msgid "Default: modifyTimestamp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:382
+msgid "ldap_user_shadow_last_change (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:385
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of "
+"the last password change)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:395
+msgid "Default: shadowLastChange"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:401
+msgid "ldap_user_shadow_min (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:404
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum "
+"password age)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:413
+msgid "Default: shadowMin"
+msgstr "Noklusējuma: shadowMin"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:419
+msgid "ldap_user_shadow_max (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:422
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum "
+"password age)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:431
+msgid "Default: shadowMax"
+msgstr "Noklusējuma: shadowMax"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:437
+msgid "ldap_user_shadow_warning (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:440
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
+"(password warning period)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:450
+msgid "Default: shadowWarning"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:456
+msgid "ldap_user_shadow_inactive (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:459
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
+"(password inactivity period)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:469
+msgid "Default: shadowInactive"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:475
+msgid "ldap_user_shadow_expire (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:478
+msgid ""
+"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
+"parameter contains the name of an LDAP attribute corresponding to its "
+"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> counterpart (account expiration date)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:488
+msgid "Default: shadowExpire"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:494
+msgid "ldap_user_krb_last_pwd_change (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:497
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
+"an LDAP attribute storing the date and time of last password change in "
+"kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503
+msgid "Default: krbLastPwdChange"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:509
+msgid "ldap_user_krb_password_expiration (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:512
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
+"an LDAP attribute storing the date and time when current password expires."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:518
+msgid "Default: krbPasswordExpiration"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:524
+msgid "ldap_user_ad_account_expires (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:527
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the expiration time of the account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:532
+msgid "Default: accountExpires"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:538
+msgid "ldap_user_ad_user_account_control (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:541
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the user account control bit field."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:546
+msgid "Default: userAccountControl"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:552
+msgid "ldap_ns_account_lock (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:555
+msgid ""
+"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
+"determines if access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:560
+msgid "Default: nsAccountLock"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:566
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:569
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:579
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:582
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:593
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:596
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:601
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:607
+msgid "ldap_user_principal (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:610
+msgid ""
+"The LDAP attribute that contains the user's Kerberos User Principal Name "
+"(UPN)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:614
+msgid "Default: krbPrincipalName"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:620
+msgid "ldap_user_ssh_public_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:623
+msgid "The LDAP attribute that contains the user's SSH public keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:630
+msgid "ldap_force_upper_case_realm (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:633
+msgid ""
+"Some directory servers, for example Active Directory, might deliver the "
+"realm part of the UPN in lower case, which might cause the authentication to "
+"fail. Set this option to a non-zero value if you want to use an upper-case "
+"realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:646
+msgid "ldap_enumeration_refresh_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:649
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing its cache of "
+"enumerated records."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:660
+msgid "ldap_purge_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:663
+msgid ""
+"Determine how often to check the cache for inactive entries (such as groups "
+"with no members and users who have never logged in) and remove them to save "
+"space."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:669
+msgid "Setting this option to zero will disable the cache cleanup operation."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:673
+msgid "Default: 10800 (12 hours)"
+msgstr "Noklusējuma: 10800 (12 stundas)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:679
+msgid "ldap_user_fullname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:682
+msgid "The LDAP attribute that corresponds to the user's full name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
+msgid "Default: cn"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:692
+msgid "ldap_user_member_of (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:695
+msgid "The LDAP attribute that lists the user's group memberships."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
+msgid "Default: memberOf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:705
+msgid "ldap_user_authorized_service (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:708
+msgid ""
+"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
+"use the presence of the authorizedService attribute in the user's LDAP entry "
+"to determine access privilege."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:715
+msgid ""
+"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
+"explicit allow (svc) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:720
+msgid "Default: authorizedService"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:726
+msgid "ldap_user_authorized_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:729
+msgid ""
+"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
+"presence of the host attribute in the user's LDAP entry to determine access "
+"privilege."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:735
+msgid ""
+"An explicit deny (!host) is resolved first. Second, SSSD searches for "
+"explicit allow (host) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:740
+msgid "Default: host"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:746
+msgid "ldap_group_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:749
+msgid "The object class of a group entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:752
+msgid "Default: posixGroup"
+msgstr "Noklusējuma: posixGroup"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:758
+msgid "ldap_group_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:761
+msgid "The LDAP attribute that corresponds to the group name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:771
+msgid "ldap_group_gid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:774
+msgid "The LDAP attribute that corresponds to the group's id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:784
+msgid "ldap_group_member (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:787
+msgid "The LDAP attribute that contains the names of the group's members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:791
+msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:797
+msgid "ldap_group_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:800
+msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:810
+msgid "ldap_group_objectsid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:813
+msgid ""
+"The LDAP attribute that contains the objectSID of an LDAP group object. This "
+"is usually only necessary for ActiveDirectory servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:825
+msgid "ldap_group_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:838
+msgid "ldap_group_nesting_level (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:841
+msgid ""
+"If ldap_schema is set to a schema format that supports nested groups (e.g. "
+"RFC2307bis), then this option controls how many levels of nesting SSSD will "
+"follow. This option has no effect on the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:848
+msgid "Default: 2"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:854
+msgid "ldap_groups_use_matching_rule_in_chain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:857
+msgid ""
+"This option tells SSSD to take advantage of an Active Directory-specific "
+"feature which may speed up group lookup operations on deployments with "
+"complex or deep nested groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:863
+msgid ""
+"In most common cases, it is best to leave this option disabled. It generally "
+"only provides a performance increase on very complex nestings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+msgid ""
+"If this option is enabled, SSSD will use it if it detects that the server "
+"supports it during initial connection. So \"True\" here essentially means "
+"\"auto-detect\"."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+msgid ""
+"Note: This feature is currently known to work only with Active Directory "
+"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
+"windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> "
+"for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+msgid "Default: False"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:886
+msgid "ldap_initgroups_use_matching_rule_in_chain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:889
+msgid ""
+"This option tells SSSD to take advantage of an Active Directory-specific "
+"feature which might speed up initgroups operations (most notably when "
+"dealing with complex or deep nested groups)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:913
+msgid "ldap_netgroup_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:916
+msgid "The object class of a netgroup entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:919
+msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:923
+msgid "Default: nisNetgroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:929
+msgid "ldap_netgroup_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:932
+msgid "The LDAP attribute that corresponds to the netgroup name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:936
+msgid "In IPA provider, ipa_netgroup_name should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:946
+msgid "ldap_netgroup_member (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:949
+msgid "The LDAP attribute that contains the names of the netgroup's members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:953
+msgid "In IPA provider, ipa_netgroup_member should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:957
+msgid "Default: memberNisNetgroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:963
+msgid "ldap_netgroup_triple (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:966
+msgid ""
+"The LDAP attribute that contains the (host, user, domain) netgroup triples."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+msgid "This option is not available in IPA provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:973
+msgid "Default: nisNetgroupTriple"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:979
+msgid "ldap_netgroup_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:982
+msgid ""
+"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:986
+msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:996
+msgid "ldap_netgroup_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1012
+msgid "ldap_service_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1015
+msgid "The object class of a service entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1018
+msgid "Default: ipService"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1024
+msgid "ldap_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1027
+msgid ""
+"The LDAP attribute that contains the name of service attributes and their "
+"aliases."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1037
+msgid "ldap_service_port (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1040
+msgid "The LDAP attribute that contains the port managed by this service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1044
+msgid "Default: ipServicePort"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1050
+msgid "ldap_service_proto (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1053
+msgid ""
+"The LDAP attribute that contains the protocols understood by this service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1057
+msgid "Default: ipServiceProtocol"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1063
+msgid "ldap_service_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1068
+msgid "ldap_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1071
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches are allowed to run "
+"before they are cancelled and cached results are returned (and offline mode "
+"is entered)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1077
+msgid ""
+"Note: this option is subject to change in future versions of the SSSD. It "
+"will likely be replaced at some point by a series of timeouts for specific "
+"lookup types."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
+msgid "Default: 6"
+msgstr "Noklusējuma: 6"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1089
+msgid "ldap_enumeration_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1092
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches for user and group "
+"enumerations are allowed to run before they are cancelled and cached results "
+"are returned (and offline mode is entered)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1105
+msgid "ldap_network_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1108
+msgid ""
+"Specifies the timeout (in seconds) after which the <citerefentry> "
+"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
+"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</"
+"manvolnum> </citerefentry> following a <citerefentry> "
+"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
+"citerefentry> returns in case of no activity."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1131
+msgid "ldap_opt_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1134
+msgid ""
+"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
+"will abort if no response is received. Also controls the timeout when "
+"communicating with the KDC in case of SASL bind."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1146
+msgid "ldap_connection_expire_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1149
+msgid ""
+"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
+"maintained. After this time, the connection will be re-established. If used "
+"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. "
+"the TGT lifetime) will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+msgid "Default: 900 (15 minutes)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1163
+msgid "ldap_page_size (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1166
+msgid ""
+"Specify the number of records to retrieve from LDAP in a single request. "
+"Some LDAP servers enforce a maximum limit per-request."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1171
+msgid "Default: 1000"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1177
+msgid "ldap_disable_paging (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1180
+msgid ""
+"Disable the LDAP paging control. This option should be used if the LDAP "
+"server reports that it supports the LDAP paging control in its RootDSE but "
+"it is not enabled or does not behave properly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1186
+msgid ""
+"Example: OpenLDAP servers with the paging control module installed on the "
+"server but not enabled will report it in the RootDSE but be unable to use it."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1192
+msgid ""
+"Example: 389 DS has a bug where it can only support a one paging control at "
+"a time on a single connection. On busy clients, this can result in some "
+"requests being denied."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1204
+msgid "ldap_sasl_minssf (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1207
+msgid ""
+"When communicating with an LDAP server using SASL, specify the minimum "
+"security level necessary to establish the connection. The values of this "
+"option are defined by OpenLDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1213
+msgid "Default: Use the system default (usually specified by ldap.conf)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1220
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1223
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1229
+msgid ""
+"You can turn off dereference lookups completely by setting the value to 0."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1233
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1241
+msgid ""
+"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
+"filter, then the dereference lookup performance enhancement will be disabled "
+"regardless of this setting."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1254
+msgid "ldap_tls_reqcert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1257
+msgid ""
+"Specifies what checks to perform on server certificates in a TLS session, if "
+"any. It can be specified as one of the following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1263
+msgid ""
+"<emphasis>never</emphasis> = The client will not request or check any server "
+"certificate."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1267
+msgid ""
+"<emphasis>allow</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate "
+"is provided, it will be ignored and the session proceeds normally."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1274
+msgid ""
+"<emphasis>try</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate "
+"is provided, the session is immediately terminated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1280
+msgid ""
+"<emphasis>demand</emphasis> = The server certificate is requested. If no "
+"certificate is provided, or a bad certificate is provided, the session is "
+"immediately terminated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1286
+msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1290
+msgid "Default: hard"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1296
+msgid "ldap_tls_cacert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1299
+msgid ""
+"Specifies the file that contains certificates for all of the Certificate "
+"Authorities that <command>sssd</command> will recognize."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+msgid ""
+"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
+"conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1311
+msgid "ldap_tls_cacertdir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1314
+msgid ""
+"Specifies the path of a directory that contains Certificate Authority "
+"certificates in separate individual files. Typically the file names need to "
+"be the hash of the certificate followed by '.0'. If available, "
+"<command>cacertdir_rehash</command> can be used to create the correct names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1329
+msgid "ldap_tls_cert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1332
+msgid "Specifies the file that contains the certificate for the client's key."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1342
+msgid "ldap_tls_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1345
+msgid "Specifies the file that contains the client's key."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1354
+msgid "ldap_tls_cipher_suite (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1357
+msgid ""
+"Specifies acceptable cipher suites. Typically this is a colon sperated "
+"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> for format."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1370
+msgid "ldap_id_use_start_tls (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1373
+msgid ""
+"Specifies that the id_provider connection must also use <systemitem class="
+"\"protocol\">tls</systemitem> to protect the channel."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1383
+msgid "ldap_id_mapping (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1386
+msgid ""
+"Specifies that SSSD should attempt to map user and group IDs from the "
+"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
+"on ldap_user_uid_number and ldap_group_gid_number."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1392
+msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1402
+msgid "ldap_sasl_mech (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1405
+msgid ""
+"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
+"supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1415
+msgid "ldap_sasl_authid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1418
+msgid ""
+"Specify the SASL authorization id to use. When GSSAPI is used, this "
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1426
+msgid "Default: host/hostname@REALM"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1432
+msgid "ldap_sasl_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
+msgid "ldap_sasl_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1450
+msgid ""
+"If set to true, the LDAP library would perform a reverse lookup to "
+"canonicalize the host name during a SASL bind."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1455
+msgid "Default: false;"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1461
+msgid "ldap_krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1464
+msgid "Specify the keytab to use when using SASL/GSSAPI."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1467
+msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1473
+msgid "ldap_krb5_init_creds (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1476
+msgid ""
+"Specifies that the id_provider should init Kerberos credentials (TGT). This "
+"action is performed only if SASL is used and the mechanism selected is "
+"GSSAPI."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1488
+msgid "ldap_krb5_ticket_lifetime (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1491
+msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1495
+msgid "Default: 86400 (24 hours)"
+msgstr "Noklusējuma: 86400 (24 stundas)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+msgid "krb5_server, krb5_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1504
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled - for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+msgid ""
+"When using service discovery for KDC or kpasswd servers, SSSD first searches "
+"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
+"none are found."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+msgid ""
+"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
+"While the legacy name is recognized for the time being, users are advised to "
+"migrate their config files to use <quote>krb5_server</quote> instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
+msgid "krb5_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1533
+msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1536
+msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
+msgid "krb5_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1545
+msgid ""
+"Specifies if the host principal should be canonicalized when connecting to "
+"LDAP server. This feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1557
+msgid "ldap_pwd_policy (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1560
+msgid ""
+"Select the policy to evaluate the password expiration on the client side. "
+"The following values are allowed:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1565
+msgid ""
+"<emphasis>none</emphasis> - No evaluation on the client side. This option "
+"cannot disable server-side password policies."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1570
+msgid ""
+"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
+"evaluate if the password has expired."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1576
+msgid ""
+"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
+"to determine if the password has expired. Use chpass_provider=krb5 to update "
+"these attributes when the password is changed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1588
+msgid "ldap_referrals (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1591
+msgid "Specifies whether automatic referral chasing should be enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595
+msgid ""
+"Please note that sssd only supports referral chasing when it is compiled "
+"with OpenLDAP version 2.4.13 or higher."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1600
+msgid ""
+"Chasing referrals may incur a performance penalty in environments that use "
+"them heavily, a notable example is Microsoft Active Directory. If your setup "
+"does not in fact require the use of referrals, setting this option to false "
+"might bring a noticeable performance improvement."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1614
+msgid "ldap_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1617
+msgid "Specifies the service name to use when service discovery is enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1621
+msgid "Default: ldap"
+msgstr "Noklusējuma: ldap"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1627
+msgid "ldap_chpass_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1630
+msgid ""
+"Specifies the service name to use to find an LDAP server which allows "
+"password changes when service discovery is enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1635
+msgid "Default: not set, i.e. service discovery is disabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1641
+msgid "ldap_chpass_update_last_change (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1644
+msgid ""
+"Specifies whether to update the ldap_user_shadow_last_change attribute with "
+"days since the Epoch after a password change operation."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1656
+msgid "ldap_access_filter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1659
+msgid ""
+"If using access_provider = ldap and ldap_access_order = filter (default), "
+"this option is mandatory. It specifies an LDAP search filter criteria that "
+"must be met for the user to be granted access on this host. If "
+"access_provider = ldap, ldap_access_order = filter and this option is not "
+"set, it will result in all users being denied access. Use access_provider = "
+"permit to change this default behavior."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+msgid "Example:"
+msgstr "Piemērs:"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1674
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1678
+msgid ""
+"This example means that access to this host is restricted to members of the "
+"\"allowedusers\" group in ldap."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1683
+msgid ""
+"Offline caching for this feature is limited to determining whether the "
+"user's last online login was granted access permission. If they were granted "
+"access during their last login, they will continue to be granted access "
+"while offline and vice-versa."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+msgid "Default: Empty"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1697
+msgid "ldap_account_expire_policy (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1700
+msgid ""
+"With this option a client side evaluation of access control attributes can "
+"be enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1704
+msgid ""
+"Please note that it is always recommended to use server side access control, "
+"i.e. the LDAP server should deny the bind request with a suitable error code "
+"even if the password is correct."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1711
+msgid "The following values are allowed:"
+msgstr "Atļautas šādas vērtības:"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1714
+msgid ""
+"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
+"determine if the account is expired."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1719
+msgid ""
+"<emphasis>ad</emphasis>: use the value of the 32bit field "
+"ldap_user_ad_user_account_control and allow access if the second bit is not "
+"set. If the attribute is missing access is granted. Also the expiration time "
+"of the account is checked."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1726
+msgid ""
+"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
+"emphasis>: use the value of ldap_ns_account_lock to check if access is "
+"allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1732
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1747
+msgid "ldap_access_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1750
+msgid "Comma separated list of access control options. Allowed values are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1754
+msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1757
+msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1761
+msgid ""
+"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
+"to determine access"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1766
+msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1770
+msgid "Default: filter"
+msgstr "Noklusējuma: filtrēt"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1773
+msgid ""
+"Please note that it is a configuration error if a value is used more than "
+"once."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1780
+msgid "ldap_deref (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1783
+msgid ""
+"Specifies how alias dereferencing is done when performing a search. The "
+"following options are allowed:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1788
+msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1792
+msgid ""
+"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
+"the base object, but not in locating the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1797
+msgid ""
+"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
+"the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1802
+msgid ""
+"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
+"in locating the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1807
+msgid ""
+"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
+"client libraries)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:51
+msgid ""
+"All of the common configuration options that apply to SSSD domains also "
+"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section "
+"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for full details. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:1849
+msgid "SUDO OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1853
+msgid "ldap_sudorule_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1856
+msgid "The object class of a sudo rule entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1859
+msgid "Default: sudoRole"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1865
+msgid "ldap_sudorule_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1868
+msgid "The LDAP attribute that corresponds to the sudo rule name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1878
+msgid "ldap_sudorule_command (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1881
+msgid "The LDAP attribute that corresponds to the command name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1885
+msgid "Default: sudoCommand"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1891
+msgid "ldap_sudorule_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1894
+msgid ""
+"The LDAP attribute that corresponds to the host name (or host IP address, "
+"host IP network, or host netgroup)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1899
+msgid "Default: sudoHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1905
+msgid "ldap_sudorule_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1908
+msgid ""
+"The LDAP attribute that corresponds to the user name (or UID, group name or "
+"user's netgroup)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1912
+msgid "Default: sudoUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1918
+msgid "ldap_sudorule_option (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1921
+msgid "The LDAP attribute that corresponds to the sudo options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1925
+msgid "Default: sudoOption"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1931
+msgid "ldap_sudorule_runasuser (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1934
+msgid ""
+"The LDAP attribute that corresponds to the user name that commands may be "
+"run as."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1938
+msgid "Default: sudoRunAsUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1944
+msgid "ldap_sudorule_runasgroup (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1947
+msgid ""
+"The LDAP attribute that corresponds to the group name or group GID that "
+"commands may be run as."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1951
+msgid "Default: sudoRunAsGroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1957
+msgid "ldap_sudorule_notbefore (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1960
+msgid ""
+"The LDAP attribute that corresponds to the start date/time for when the sudo "
+"rule is valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1964
+msgid "Default: sudoNotBefore"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1970
+msgid "ldap_sudorule_notafter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1973
+msgid ""
+"The LDAP attribute that corresponds to the expiration date/time, after which "
+"the sudo rule will no longer be valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1978
+msgid "Default: sudoNotAfter"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1984
+msgid "ldap_sudorule_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1987
+msgid "The LDAP attribute that corresponds to the ordering index of the rule."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1991
+msgid "Default: sudoOrder"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1997
+msgid "ldap_sudo_full_refresh_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2000
+msgid ""
+"How many seconds SSSD will wait between executing a full refresh of sudo "
+"rules (which downloads all rules that are stored on the server)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2005
+msgid ""
+"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
+"emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2010
+msgid "Default: 21600 (6 hours)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2016
+msgid "ldap_sudo_smart_refresh_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2019
+msgid ""
+"How many seconds SSSD has to wait before executing a smart refresh of sudo "
+"rules (which downloads all rules that have USN higher than the highest USN "
+"of cached rules)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2025
+msgid ""
+"If USN attributes are not supported by the server, the modifyTimestamp "
+"attribute is used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2035
+msgid "ldap_sudo_use_host_filter (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2038
+msgid ""
+"If true, SSSD will download only rules that are applicable to this machine "
+"(using the IPv4 or IPv6 host/network addresses and hostnames)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2049
+msgid "ldap_sudo_hostnames (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2052
+msgid ""
+"Space separated list of hostnames or fully qualified domain names that "
+"should be used to filter the rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2057
+msgid ""
+"If this option is empty, SSSD will try to discover the hostname and the "
+"fully qualified domain name automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
+msgid ""
+"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
+"emphasis> then this option has no effect."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+msgid "Default: not specified"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2073
+msgid "ldap_sudo_ip (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2076
+msgid ""
+"Space separated list of IPv4 or IPv6 host/network addresses that should be "
+"used to filter the rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2081
+msgid ""
+"If this option is empty, SSSD will try to discover the addresses "
+"automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2096
+msgid "ldap_sudo_include_netgroups (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2099
+msgid ""
+"If true then SSSD will download every rule that contains a netgroup in "
+"sudoHost attribute."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2114
+msgid "ldap_sudo_include_regexp (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2117
+msgid ""
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1851
+msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2133
+msgid ""
+"This manual page only describes attribute name mapping. For detailed "
+"explanation of sudo related attribute semantics, see <citerefentry> "
+"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2143
+msgid "AUTOFS OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2145
+msgid ""
+"Please note that the default values correspond to the default schema which "
+"is RFC2307."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2151
+msgid "ldap_autofs_map_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+msgid "The object class of an automount map entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+msgid "Default: automountMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2164
+msgid "ldap_autofs_map_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2167
+msgid "The name of an automount map entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2170
+msgid "Default: ou"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2177
+msgid "ldap_autofs_entry_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2191
+msgid "ldap_autofs_entry_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+msgid ""
+"The key of an automount entry in LDAP. The entry usually corresponds to a "
+"mount point."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2205
+msgid "ldap_autofs_entry_value (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2212
+msgid "Default: automountInformation"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2149
+msgid ""
+"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
+"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
+"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
+"\"variablelist\" id=\"4\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2222
+msgid "ADVANCED OPTIONS"
+msgstr "PAPLAŠINĀTĀS IESPĒJAS"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2229
+msgid "ldap_netgroup_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2234
+msgid "ldap_user_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2239
+msgid "ldap_group_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2244
+msgid "ldap_user_search_filter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2247
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict user searches."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2251
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_user_search_base."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:2261
+#, no-wrap
+msgid ""
+" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2264
+msgid ""
+"This filter would restrict user searches to users that have their shell set "
+"to /bin/tcsh."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2271
+msgid "ldap_group_search_filter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2274
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict group searches."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2278
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_group_search_base."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2288
+msgid "ldap_sudo_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2293
+msgid "ldap_autofs_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2224
+msgid ""
+"These options are supported by LDAP domains, but they should be used with "
+"caution. Please include them in your configuration only if you know what you "
+"are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2310
+msgid ""
+"The following example assumes that SSSD is correctly configured and LDAP is "
+"set to one of the domains in the <replaceable>[domains]</replaceable> "
+"section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ldap.5.xml:2316
+#, no-wrap
+msgid ""
+" [domain/LDAP]\n"
+" id_provider = ldap\n"
+" auth_provider = ldap\n"
+" ldap_uri = ldap://ldap.mydomain.org\n"
+" ldap_search_base = dc=mydomain,dc=org\n"
+" ldap_tls_reqcert = demand\n"
+" cache_credentials = true\n"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
+msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
+msgid "NOTES"
+msgstr "PIEZĪMES"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2330
+msgid ""
+"The descriptions of some of the configuration options in this manual page "
+"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
+"distribution."
+msgstr ""
+
+#. type: Content of: <refentryinfo>
+#: pam_sss.8.xml:8 include/upstream.xml:2
+msgid ""
+"<productname>SSSD</productname> <orgname>The SSSD upstream - http://"
+"fedorahosted.org/sssd</orgname>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: pam_sss.8.xml:13 pam_sss.8.xml:18
+msgid "pam_sss"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: pam_sss.8.xml:19
+msgid "PAM module for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: pam_sss.8.xml:24
+msgid ""
+"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:45
+msgid ""
+"<command>pam_sss.so</command> is the PAM interface to the System Security "
+"Services daemon (SSSD). Errors and results are logged through <command>syslog"
+"(3)</command> with the LOG_AUTHPRIV facility."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:55
+msgid "<option>quiet</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:58
+msgid "Suppress log messages for unknown users."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:63
+msgid "<option>forward_pass</option>"
+msgstr "<option>forward_pass</option>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:66
+msgid ""
+"If <option>forward_pass</option> is set the entered password is put on the "
+"stack for other PAM modules to use."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:73
+msgid "<option>use_first_pass</option>"
+msgstr "<option>use_first_pass</option>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:76
+msgid ""
+"The argument use_first_pass forces the module to use a previous stacked "
+"modules password and will never prompt the user - if no password is "
+"available or the password is not appropriate, the user will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:84
+msgid "<option>use_authtok</option>"
+msgstr "<option>use_authtok</option>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:87
+msgid ""
+"When password changing enforce the module to set the new password to the one "
+"provided by a previously stacked password module."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:94
+msgid "<option>retry=N</option>"
+msgstr "<option>retry=N</option>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:97
+msgid ""
+"If specified the user is asked another N times for a password if "
+"authentication fails. Default is 0."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:99
+msgid ""
+"Please note that this option might not work as expected if the application "
+"calling PAM handles the user dialog on its own. A typical example is "
+"<command>sshd</command> with <option>PasswordAuthentication</option>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:110
+msgid "MODULE TYPES PROVIDED"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:111
+msgid ""
+"All module types (<option>account</option>, <option>auth</option>, "
+"<option>password</option> and <option>session</option>) are provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:117
+msgid "FILES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:118
+msgid ""
+"If a password reset by root fails, because the corresponding SSSD provider "
+"does not support password resets, an individual message can be displayed. "
+"This message can e.g. contain instructions about how to reset a password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:123
+msgid ""
+"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</"
+"filename> where LOC stands for a locale string returned by <citerefentry> "
+"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </"
+"citerefentry>. If there is no matching file the content of "
+"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be "
+"the owner of the files and only root may have read and write permissions "
+"while all other users must have only read permissions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:133
+msgid ""
+"These files are searched in the directory <filename>/etc/sssd/customize/"
+"DOMAIN_NAME/</filename>. If no matching file is present a generic message is "
+"displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
+msgid "sssd_krb5_locator_plugin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:22
+msgid ""
+"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
+"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos "
+"libraries what Realm and which KDC to use. Typically this is done in "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> which is always read by the Kerberos libraries. "
+"To simplify the configuration the Realm and the KDC can be defined in "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> as described in <citerefentry> "
+"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:48
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry> puts the Realm and the name or IP address of the KDC into "
+"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. "
+"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos "
+"libraries it reads and evaluates these variables and returns them to the "
+"libraries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:63
+msgid ""
+"Not all Kerberos implementations support the use of plugins. If "
+"<command>sssd_krb5_locator_plugin</command> is not available on your system "
+"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:69
+msgid ""
+"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
+"debug messages will be sent to stderr."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
+msgid "sssd-simple"
+msgstr "sssd-simple"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-simple.5.xml:17
+msgid "the configuration file for SSSD's 'simple' access-control provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:24
+msgid ""
+"This manual page describes the configuration of the simple access-control "
+"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, "
+"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:38
+msgid ""
+"The simple access provider grants or denies access based on an access or "
+"deny list of user or group names. The following rules apply:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:43
+msgid "If all lists are empty, access is granted"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:47
+msgid ""
+"If any list is provided, the order of evaluation is allow,deny. This means "
+"that any matching deny rule will supersede any matched allow rule."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:54
+msgid ""
+"If either or both \"allow\" lists are provided, all users are denied unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:60
+msgid ""
+"If only \"deny\" lists are provided, all users are granted access unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:78
+msgid "simple_allow_users (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:81
+msgid "Comma separated list of users who are allowed to log in."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:88
+msgid "simple_deny_users (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:91
+msgid "Comma separated list of users who are explicitly denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:97
+msgid "simple_allow_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:100
+msgid ""
+"Comma separated list of groups that are allowed to log in. This applies only "
+"to groups within this SSSD domain. Local groups are not evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:108
+msgid "simple_deny_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:111
+msgid ""
+"Comma separated list of groups that are explicitly denied access. This "
+"applies only to groups within this SSSD domain. Local groups are not "
+"evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
+msgid ""
+"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> manual page for details on the configuration of an SSSD "
+"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:120
+msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
+"Please note that it is an configuration error if both, simple_allow_users "
+"and simple_deny_users, are defined."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:133
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This examples shows only the simple access provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-simple.5.xml:140
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" access_provider = simple\n"
+" simple_allow_users = user1, user2\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16
+msgid "sssd-ipa"
+msgstr "sssd-ipa"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:23
+msgid ""
+"This manual page describes the configuration of the IPA provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:36
+msgid ""
+"The IPA provider is a back end used to connect to an IPA server. (Refer to "
+"the freeipa.org web site for information about IPA servers.) This provider "
+"requires that the machine be joined to the IPA domain; configuration is "
+"almost entirely self-discovered and obtained directly from the server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:43
+msgid ""
+"The IPA provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
+"provider with some exceptions described below."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:55
+msgid ""
+"However, it is neither necessary nor recommended to set these options. IPA "
+"provider can also be used as an access and chpass provider. As an access "
+"provider it uses HBAC (host-based access control) rules. Please refer to "
+"freeipa.org for more information about HBAC. No configuration of access "
+"provider is required on the client side."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:78
+msgid "ipa_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:81
+msgid ""
+"Specifies the name of the IPA domain. This is optional. If not provided, "
+"the configuration domain name is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:89
+msgid "ipa_server, ipa_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:92
+msgid ""
+"The comma-separated list of IP addresses or hostnames of the IPA servers to "
+"which SSSD should connect in the order of preference. For more information "
+"on failover and server redundancy, see the <quote>FAILOVER</quote> section. "
+"This is optional if autodiscovery is enabled. For more information on "
+"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:105
+msgid "ipa_hostname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:108
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the IPA domain to identify this host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:116
+msgid "ipa_dyndns_update (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:119
+msgid ""
+"Optional. This option tells SSSD to automatically update the DNS server "
+"built into FreeIPA v2 with the IP address of this client."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:124
+msgid ""
+"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
+"the default Kerberos realm must be set properly in /etc/krb5.conf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 10800 (12 hours)"
+msgid "Default: 1200 (seconds)"
+msgstr "Noklusējuma: 10800 (12 stundas)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
+msgid "ipa_dyndns_iface (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:152
+msgid ""
+"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
+"interface whose IP address should be used for dynamic DNS updates."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:157
+msgid "Default: Use the IP address of the IPA LDAP connection"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:163
+msgid "ipa_hbac_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:166
+msgid "Optional. Use the given string as search base for HBAC related objects."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:170
+msgid "Default: Use base DN"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:176
+msgid "ipa_host_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:179
+msgid "Optional. Use the given string as search base for host objects."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
+msgid ""
+"See <quote>ldap_search_base</quote> for information about configuring "
+"multiple search bases."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:188
+msgid ""
+"If filter is given in any of search bases and "
+"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
+"will be ignored."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
+#: include/ldap_search_bases_experimental.xml:23
+msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:200
+msgid "ipa_selinux_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:203
+msgid "Optional. Use the given string as search base for SELinux user maps."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:219
+msgid "ipa_subdomains_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:222
+msgid "Optional. Use the given string as search base for trusted domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:231
+msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:238
+msgid "ipa_master_domain_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:241
+msgid "Optional. Use the given string as search base for master domain object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:250
+msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
+msgid "krb5_validate (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:260
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:267
+msgid ""
+"Note that this default differs from the traditional Kerberos provider back "
+"end."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:277
+msgid ""
+"The name of the Kerberos realm. This is optional and defaults to the value "
+"of <quote>ipa_domain</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:281
+msgid ""
+"The name of the Kerberos realm has a special meaning in IPA - it is "
+"converted into the base DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:292
+msgid ""
+"Specifies if the host and user principal should be canonicalized when "
+"connecting to IPA LDAP and also for AS requests. This feature is available "
+"with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:305
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:308
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server. "
+"This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:321
+#, fuzzy
+#| msgid "timeout (integer)"
+msgid "ipa_hbac_selinux (integer)"
+msgstr "noildze (vesels skaitlis)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:340
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:349
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:354
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:359
+msgid "Default: DENY_ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:364
+msgid "ipa_hbac_support_srchost (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:367
+msgid ""
+"If this is set to false, then srchost as given to SSSD by PAM will be "
+"ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:371
+msgid ""
+"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
+"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:382
+msgid "ipa_automount_location (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:385
+msgid "The automounter location this IPA client will be using"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:388
+msgid "Default: The location named \"default\""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:395
+msgid "ipa_netgroup_member_of (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:398
+msgid "The LDAP attribute that lists netgroup's memberships."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:407
+msgid "ipa_netgroup_member_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:410
+msgid ""
+"The LDAP attribute that lists system users and groups that are direct "
+"members of the netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
+msgid "Default: memberUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:420
+msgid "ipa_netgroup_member_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:423
+msgid ""
+"The LDAP attribute that lists hosts and host groups that are direct members "
+"of the netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
+msgid "Default: memberHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:432
+msgid "ipa_netgroup_member_ext_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:435
+msgid ""
+"The LDAP attribute that lists FQDNs of hosts and host groups that are "
+"members of the netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:439
+msgid "Default: externalHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:444
+msgid "ipa_netgroup_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:447
+msgid "The LDAP attribute that contains NIS domain name of the netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:451
+msgid "Default: nisDomainName"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:457
+msgid "ipa_host_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
+msgid "The object class of a host entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
+msgid "Default: ipaHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:468
+msgid "ipa_host_fqdn (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:471
+msgid "The LDAP attribute that contains FQDN of the host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:474
+msgid "Default: fqdn"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:480
+msgid "ipa_selinux_usermap_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:491
+msgid "ipa_selinux_usermap_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:494
+msgid "The LDAP attribute that contains the name of SELinux usermap."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:503
+msgid "ipa_selinux_usermap_member_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:506
+msgid ""
+"The LDAP attribute that contains all users / groups this rule match against."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:515
+msgid "ipa_selinux_usermap_member_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:518
+msgid ""
+"The LDAP attribute that contains all hosts / hostgroups this rule match "
+"against."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:527
+msgid "ipa_selinux_usermap_see_also (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:530
+msgid ""
+"The LDAP attribute that contains DN of HBAC rule which can be used for "
+"matching instead of memberUser and memberHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:535
+msgid "Default: seeAlso"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:540
+msgid "ipa_selinux_usermap_selinux_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:543
+msgid "The LDAP attribute that contains SELinux user string itself."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:547
+msgid "Default: ipaSELinuxUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:552
+msgid "ipa_selinux_usermap_enabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:555
+msgid ""
+"The LDAP attribute that contains whether or not is user map enabled for "
+"usage."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:559
+msgid "Default: ipaEnabledFlag"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:564
+msgid "ipa_selinux_usermap_user_category (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:567
+msgid "The LDAP attribute that contains user category such as 'all'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:571
+msgid "Default: userCategory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:576
+msgid "ipa_selinux_usermap_host_category (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:579
+msgid "The LDAP attribute that contains host category such as 'all'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:583
+msgid "Default: hostCategory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:588
+msgid "ipa_selinux_usermap_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:591
+msgid "The LDAP attribute that contains unique ID of the user map."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:595
+msgid "Default: ipaUniqueID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:600
+msgid "ipa_host_ssh_public_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:603
+msgid "The LDAP attribute that contains the host's SSH public keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:607
+msgid "Default: ipaSshPubKey"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This examples shows only the ipa provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ipa.5.xml:652
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" id_provider = ipa\n"
+" ipa_server = ipaserver.example.com\n"
+" ipa_hostname = myhost.example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ad.5.xml:10 sssd-ad.5.xml:16
+msgid "sssd-ad"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:23
+msgid ""
+"This manual page describes the configuration of the AD provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:36
+msgid ""
+"The AD provider is a back end used to connect to an Active Directory server. "
+"This provider requires that the machine be joined to the AD domain and a "
+"keytab is available."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:41
+msgid ""
+"The AD provider supports connecting to Active Directory 2008 R2 or later. "
+"Earlier versions may work, but are unsupported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:45
+msgid ""
+"The AD provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
+"provider with some exceptions described below."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:57
+msgid ""
+"However, it is neither necessary nor recommended to set these options. The "
+"AD provider can also be used as an access and chpass provider. No "
+"configuration of the access provider is required on the client side."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:69
+#, no-wrap
+msgid ""
+"ldap_id_mapping = False\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:63
+msgid ""
+"By default, the AD provider will map UID and GID values from the objectSID "
+"parameter in Active Directory. For details on this, see the <quote>ID "
+"MAPPING</quote> section below. If you want to disable ID mapping and instead "
+"rely on POSIX attributes defined in Active Directory, you should set "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:83
+msgid "ad_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:86
+msgid ""
+"Specifies the name of the Active Directory domain. This is optional. If not "
+"provided, the configuration domain name is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:91
+msgid ""
+"For proper operation, this option should be specified as the lower-case "
+"version of the long version of the Active Directory domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:99
+msgid "ad_server, ad_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:102
+msgid ""
+"The comma-separated list of IP addresses or hostnames of the AD servers to "
+"which SSSD should connect in order of preference. For more information on "
+"failover and server redundancy, see the <quote>FAILOVER</quote> section. "
+"This is optional if autodiscovery is enabled. For more information on "
+"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:115
+msgid "ad_hostname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:118
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the Active Directory domain to identify this "
+"host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:124
+msgid ""
+"This field is used to determine the host principal in use in the keytab. It "
+"must match the hostname for which the keytab was issued."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:193
+#, no-wrap
+msgid ""
+"fallback_homedir = /home/%u\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:231
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This example shows only the AD provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:238
+#, no-wrap
+msgid ""
+"[domain/EXAMPLE]\n"
+"id_provider = ad\n"
+"auth_provider = ad\n"
+"access_provider = ad\n"
+"chpass_provider = ad\n"
+"\n"
+"ad_server = dc1.example.com\n"
+"ad_hostname = client.example.com\n"
+"ad_domain = example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
+msgid "sssd-sudo"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:23
+msgid ""
+"This manual page describes how to configure <citerefentry> "
+"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
+"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:36
+msgid "Configuring sudo to cooperate with SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:38
+msgid ""
+"To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to "
+"the <emphasis>sudoers</emphasis> entry in <citerefentry> "
+"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:47
+msgid ""
+"For example, to configure sudo to first lookup rules in the standard "
+"<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> file (which should contain rules that apply to "
+"local users) and then in SSSD, the nsswitch.conf file should contain the "
+"following line:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-sudo.5.xml:57
+#, no-wrap
+msgid "sudoers: files sss\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:61
+msgid ""
+"More information about configuring the sudoers search order from the "
+"nsswitch.conf file as well as information about the LDAP schema that is used "
+"to store sudo rules in the directory can be found in <citerefentry> "
+"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:72
+msgid "Configuring SSSD to fetch sudo rules"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:74
+msgid ""
+"The following example shows how to configure SSSD to download sudo rules "
+"from an LDAP server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-sudo.5.xml:79
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ldap\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:92
+msgid ""
+"The following example illustrates setting up SSSD to download sudo rules "
+"from an IPA server. It is necessary to use the LDAP provider and set "
+"appropriate connection parameters to authenticate correctly against the IPA "
+"server, because SSSD does not have native support of IPA provider for sudo "
+"yet."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-sudo.5.xml:100
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ipa\n"
+"ipa_domain = example.com\n"
+"ipa_server = ipa.example.com\n"
+"ldap_tls_cacert = /etc/ipa/ca.crt\n"
+"\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://ipa.example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
+"ldap_sasl_mech = GSSAPI\n"
+"ldap_sasl_authid = host/hostname.example.com\n"
+"ldap_sasl_realm = EXAMPLE.COM\n"
+"krb5_server = ipa.example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:123
+msgid "The SUDO rule caching mechanism"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:125
+msgid ""
+"The biggest challenge, when developing sudo support in SSSD, was to ensure "
+"that running sudo with SSSD as the data source provides the same user "
+"experience and is as fast as sudo but keeps providing the most current set "
+"of rules as possible. To satisfy these requirements, SSSD uses three kinds "
+"of updates. They are referred to as full refresh, smart refresh and rules "
+"refresh."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:133
+msgid ""
+"The <emphasis>smart refresh</emphasis> periodically downloads rules that are "
+"new or were modified after the last update. Its primary goal is to keep the "
+"database growing by fetching only small increments that do not generate "
+"large amounts of network traffic."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:139
+msgid ""
+"The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored "
+"in the cache and replaces them with all rules that are stored on the server. "
+"This is used to keep the cache consistent by removing every rule which was "
+"deleted from the server. However, full refresh may produce a lot of traffic "
+"and thus it should be run only occasionally depending on the size and "
+"stability of the sudo rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:147
+msgid ""
+"The <emphasis>rules refresh</emphasis> ensures that we do not grant the user "
+"more permission than defined. It is triggered each time the user runs sudo. "
+"Rules refresh will find all rules that apply to this user, check their "
+"expiration time and redownload them if expired. In the case that any of "
+"these rules are missing on the server, the SSSD will do an out of band full "
+"refresh because more rules (that apply to other users) may have been deleted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:156
+msgid ""
+"If enabled, SSSD will store only rules that can be applied to this machine. "
+"This means rules that contain one of the following values in "
+"<emphasis>sudoHost</emphasis> attribute:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:163
+msgid "keyword ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:168
+msgid "wildcard"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:173
+msgid "netgroup (in the form \"+netgroup\")"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:178
+msgid "hostname or fully qualified domain name of this machine"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:183
+msgid "one of the IP addresses of this machine"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:188
+msgid "one of the IP addresses of the network (in the form \"address/mask\")"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:194
+msgid ""
+"There are many configuration options that can be used to adjust the "
+"behavior. Please refer to \"ldap_sudo_*\" in <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.8.xml:10 sssd.8.xml:15
+msgid "sssd"
+msgstr "sssd"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.8.xml:16
+msgid "System Security Services Daemon"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sssd.8.xml:21
+msgid ""
+"<command>sssd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:31
+msgid ""
+"<command>SSSD</command> provides a set of daemons to manage access to remote "
+"directories and authentication mechanisms. It provides an NSS and PAM "
+"interface toward the system and a pluggable backend system to connect to "
+"multiple different account sources as well as D-Bus interface. It is also "
+"the basis to provide client auditing and policy services for projects like "
+"FreeIPA. It provides a more robust database to store local users as well as "
+"extended user data."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:46
+msgid ""
+"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:53
+msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:57
+msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:60
+msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:69
+msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:73
+msgid ""
+"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:76
+msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:85
+msgid "<option>-f</option>,<option>--debug-to-files</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:89
+msgid ""
+"Send the debug output to files instead of stderr. By default, the log files "
+"are stored in <filename>/var/log/sssd</filename> and there are separate log "
+"files for every SSSD service and domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:97
+msgid "<option>-D</option>,<option>--daemon</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:101
+msgid "Become a daemon after starting up."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:107 sss_seed.8.xml:136
+msgid "<option>-i</option>,<option>--interactive</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:111
+msgid "Run in the foreground, don't become a daemon."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:117 sss_debuglevel.8.xml:42
+msgid "<option>-c</option>,<option>--config</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:121 sss_debuglevel.8.xml:46
+msgid ""
+"Specify a non-default config file. The default is <filename>/etc/sssd/sssd."
+"conf</filename>. For reference on the config file syntax and options, "
+"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:135
+msgid "<option>--version</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:139
+msgid "Print version number and exit."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.8.xml:147
+msgid "Signals"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:150
+msgid "SIGTERM/SIGINT"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:153
+msgid ""
+"Informs the SSSD to gracefully terminate all of its child processes and then "
+"shut down the monitor."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:159
+msgid "SIGHUP"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:162
+msgid ""
+"Tells the SSSD to stop writing to its current debug file descriptors and to "
+"close and reopen them. This is meant to facilitate log rolling with programs "
+"like logrotate."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:170
+msgid "SIGUSR1"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:173
+msgid ""
+"Tells the SSSD to simulate offline operation for one minute. This is mostly "
+"useful for testing purposes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:179
+msgid "SIGUSR2"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:182
+msgid ""
+"Tells the SSSD to go online immediately. This is mostly useful for testing "
+"purposes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
+msgid "sss_obfuscate"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_obfuscate.8.xml:16
+msgid "obfuscate a clear text password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_obfuscate.8.xml:21
+msgid ""
+"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</"
+"replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:32
+msgid ""
+"<command>sss_obfuscate</command> converts a given password into human-"
+"unreadable format and places it into appropriate domain section of the SSSD "
+"config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:37
+msgid ""
+"The cleartext password is read from standard input or entered "
+"interactively. The obfuscated password is put into "
+"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the "
+"<quote>ldap_default_authtok_type</quote> parameter is set to "
+"<quote>obfuscated_password</quote>. Refer to <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more details on these parameters."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:49
+msgid ""
+"Please note that obfuscating the password provides <emphasis>no real "
+"security benefit</emphasis> as it is still possible for an attacker to "
+"reverse-engineer the password back. Using better authentication mechanisms "
+"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
+"advised."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:63
+msgid "<option>-s</option>,<option>--stdin</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:67
+msgid "The password to obfuscate will be read from standard input."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:79
+#: sss_ssh_knownhostsproxy.1.xml:78
+msgid ""
+"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:79
+msgid ""
+"The SSSD domain to use the password in. The default name is <quote>default</"
+"quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:86
+msgid ""
+"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:91
+msgid "Read the config file specified by the positional parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:95
+msgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_useradd.8.xml:10 sss_useradd.8.xml:15
+msgid "sss_useradd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_useradd.8.xml:16
+msgid "create a new user"
+msgstr "create a new user"
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_useradd.8.xml:21
+msgid ""
+"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:32
+msgid ""
+"<command>sss_useradd</command> creates a new user account using the values "
+"specified on the command line plus the default values from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:43 sss_seed.8.xml:76
+msgid ""
+"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:48
+msgid ""
+"Set the UID of the user to the value of <replaceable>UID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100
+msgid ""
+"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 sss_seed.8.xml:105
+msgid ""
+"Any text string describing the user. Often used as the field for the user's "
+"full name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112
+msgid ""
+"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:72
+msgid ""
+"The home directory of the user account. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use "
+"that as the home directory. The base that is prepended before "
+"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/"
+"baseDirectory</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124
+msgid ""
+"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:87
+msgid ""
+"The user's login shell. The default is currently <filename>/bin/bash</"
+"filename>. The default can be changed with <quote>user_defaults/"
+"defaultShell</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:96
+msgid ""
+"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:101
+msgid "A list of existing groups this user is also a member of."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:107
+msgid "<option>-m</option>,<option>--create-home</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:111
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the -k option or in the config file) will be copied to the home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:121
+msgid "<option>-M</option>,<option>--no-create-home</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:125
+msgid ""
+"Do not create the user's home directory. Overrides configuration settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:132
+msgid ""
+"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:137
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>sss_useradd</command>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:143
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified, or creation of home directories is set "
+"to TRUE in the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:152 sss_usermod.8.xml:124
+msgid ""
+"<option>-Z</option>,<option>--selinux-user</option> "
+"<replaceable>SELINUX_USER</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:157
+msgid ""
+"The SELinux user for the user's login. If not specified, the system default "
+"will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16
+msgid "sssd-krb5"
+msgstr "sssd-krb5"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:23
+msgid ""
+"This manual page describes the configuration of the Kerberos 5 "
+"authentication backend for <citerefentry> <refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed "
+"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of "
+"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:36
+msgid ""
+"The Kerberos 5 authentication backend contains auth and chpass providers. It "
+"must be paired with an identity provider in order to function properly (for "
+"example, id_provider = ldap). Some information required by the Kerberos 5 "
+"authentication backend must be provided by the identity provider, such as "
+"the user's Kerberos Principal Name (UPN). The configuration of the identity "
+"provider should have an entry to specify the UPN. Please refer to the man "
+"page for the applicable identity provider for details on how to configure "
+"this."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:47
+msgid ""
+"This backend also provides access control based on the .k5login file in the "
+"home directory of the user. See <citerefentry> <refentrytitle>.k5login</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. "
+"Please note that an empty .k5login file will deny all access to this user. "
+"To activate this feature, use 'access_provider = krb5' in your SSSD "
+"configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:55
+msgid ""
+"In the case where the UPN is not available in the identity backend, "
+"<command>sssd</command> will construct a UPN using the format "
+"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:77
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect, in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled; for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:106
+msgid ""
+"The name of the Kerberos realm. This option is required and must be "
+"specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:113
+msgid "krb5_kpasswd, krb5_backup_kpasswd (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:116
+msgid ""
+"If the change password service is not running on the KDC, alternative "
+"servers can be defined here. An optional port number (preceded by a colon) "
+"may be appended to the addresses or hostnames."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:122
+msgid ""
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. NOTE: Even if there are no more kpasswd "
+"servers to try, the backend is not switched to operate offline if "
+"authentication against the KDC is still possible."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:129
+msgid "Default: Use the KDC"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:135
+msgid "krb5_ccachedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:138
+msgid ""
+"Directory to store credential caches. All the substitution sequences of "
+"krb5_ccname_template can be used here, too, except %d and %P. If the "
+"directory does not exist, it will be created. If %u, %U, %p or %h are used, "
+"a private directory belonging to the user is created. Otherwise, a public "
+"directory with restricted deletion flag (aka sticky bit, as described in "
+"<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
+"</citerefentry> for details) is created."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:152
+msgid "Default: /tmp"
+msgstr "Noklusējuma: / tmp"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:158
+msgid "krb5_ccname_template (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:174
+msgid "login UID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:177
+msgid "%p"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:178
+msgid "principal name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:182
+msgid "%r"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:183
+msgid "realm name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:186
+msgid "%h"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:187
+msgid "home directory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:192
+msgid "value of krb5ccache_dir"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:197
+msgid "%P"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:198
+msgid "the process ID of the SSSD client"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:161
+msgid ""
+"Location of the user's credential cache. Two credential cache types are "
+"currently supported: <quote>FILE</quote> and <quote>DIR</quote>. The cache "
+"can be specified either as <replaceable>TYPE:RESIDUAL</replaceable>, or as "
+"an absolute path, which implies the <quote>FILE</quote> type. In the "
+"template, the following sequences are substituted: <placeholder type="
+"\"variablelist\" id=\"0\"/> If the template ends with 'XXXXXX' mkstemp(3) is "
+"used to create a unique filename in a safe way."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:212
+msgid "Default: FILE:%d/krb5cc_%U_XXXXXX"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:218
+msgid "krb5_auth_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:221
+msgid ""
+"Timeout in seconds after an online authentication request or change password "
+"request is aborted. If possible, the authentication request is continued "
+"offline."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:235
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed. The keytab is checked for entries sequentially, and the first entry "
+"with a matching realm is used for validation. If no entry matches the realm, "
+"the last entry in the keytab is used. This process can be used to validate "
+"environments using cross-realm trust by placing the appropriate keytab entry "
+"as the last entry or the only entry in the keytab file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:250
+msgid "krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:253
+msgid ""
+"The location of the keytab to use when validating credentials obtained from "
+"KDCs."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:257
+msgid "Default: /etc/krb5.keytab"
+msgstr "Noklusējuma: /etc/krb5.keytab"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:263
+msgid "krb5_store_password_if_offline (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:266
+msgid ""
+"Store the password of the user if the provider is offline and use it to "
+"request a TGT when the provider comes online again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:271
+msgid ""
+"NOTE: this feature is only available on Linux. Passwords stored in this way "
+"are kept in plaintext in the kernel keyring and are potentially accessible "
+"by the root user (with difficulty)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:284
+msgid "krb5_renewable_lifetime (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:287
+msgid ""
+"Request a renewable ticket with a total lifetime, given as an integer "
+"immediately followed by a time unit:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:326
+#, fuzzy
+#| msgid "<emphasis>s</emphasis> seconds"
+msgid "<emphasis>s</emphasis> for seconds"
+msgstr "<emphasis>% s</emphasis> sekundes"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:329
+#, fuzzy
+#| msgid "<emphasis>m</emphasis> minutes"
+msgid "<emphasis>m</emphasis> for minutes"
+msgstr "<emphasis>m</emphasis> minūtes"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:298 sssd-krb5.5.xml:332
+#, fuzzy
+#| msgid "<emphasis>s</emphasis> seconds"
+msgid "<emphasis>h</emphasis> for hours"
+msgstr "<emphasis>% s</emphasis> sekundes"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:301 sssd-krb5.5.xml:335
+#, fuzzy
+#| msgid "<emphasis>s</emphasis> seconds"
+msgid "<emphasis>d</emphasis> for days."
+msgstr "<emphasis>% s</emphasis> sekundes"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:304
+msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:308
+msgid ""
+"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
+"and a half hours, use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:313
+msgid "Default: not set, i.e. the TGT is not renewable"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:319
+msgid "krb5_lifetime (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:322
+msgid ""
+"Request ticket with a with a lifetime, given as an integer immediately "
+"followed by a time unit:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:338
+msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:342
+msgid ""
+"NOTE: It is not possible to mix units. To set the lifetime to one and a "
+"half hours please use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:347
+msgid ""
+"Default: not set, i.e. the default ticket lifetime configured on the KDC."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:354
+msgid "krb5_renew_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:357
+msgid ""
+"The time in seconds between two checks if the TGT should be renewed. TGTs "
+"are renewed if about half of their lifetime is exceeded."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:362
+msgid "If this option is not set or is 0 the automatic renewal is disabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:372
+msgid "krb5_use_fast (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:375
+msgid ""
+"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
+"authentication. The following options are supported:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:380
+msgid ""
+"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
+"option at all."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:384
+msgid ""
+"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
+"continue the authentication without it."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:389
+msgid ""
+"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
+"server does not require fast."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:394
+msgid "Default: not set, i.e. FAST is not used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:397
+msgid "NOTE: a keytab is required to use FAST."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:400
+msgid ""
+"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
+"SSSD is used with an older version of MIT Kerberos, using this option is a "
+"configuration error."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:409
+msgid "krb5_fast_principal (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:412
+msgid "Specifies the server principal to use for FAST."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:421
+msgid ""
+"Specifies if the host and user principal should be canonicalized. This "
+"feature is available with MIT Kerberos 1.7 and later versions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:65
+msgid ""
+"If the auth-module krb5 is used in an SSSD domain, the following options "
+"must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, section "
+"<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD "
+"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:443
+msgid ""
+"The following example assumes that SSSD is correctly configured and FOO is "
+"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
+"example shows only configuration of Kerberos authentication; it does not "
+"include any identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-krb5.5.xml:451
+#, no-wrap
+msgid ""
+" [domain/FOO]\n"
+" auth_provider = krb5\n"
+" krb5_server = 192.168.1.1\n"
+" krb5_realm = EXAMPLE.COM\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15
+msgid "sss_groupadd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupadd.8.xml:16
+msgid "create a new group"
+msgstr "izveidot jaunu grupu"
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupadd.8.xml:21
+msgid ""
+"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:32
+msgid ""
+"<command>sss_groupadd</command> creates a new group. These groups are "
+"compatible with POSIX groups, with the additional feature that they can "
+"contain other groups as members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupadd.8.xml:43 sss_seed.8.xml:88
+msgid ""
+"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupadd.8.xml:48
+msgid ""
+"Set the GID of the group to the value of <replaceable>GID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
+msgid "sss_userdel"
+msgstr "sss_userdel"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_userdel.8.xml:16
+msgid "delete a user account"
+msgstr "dzēst lietotāja kontu"
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_userdel.8.xml:21
+msgid ""
+"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:32
+msgid ""
+"<command>sss_userdel</command> deletes a user identified by login name "
+"<replaceable>LOGIN</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:44
+msgid "<option>-r</option>,<option>--remove</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:48
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:56
+msgid "<option>-R</option>,<option>--no-remove</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:60
+msgid ""
+"Files in the user's home directory will NOT be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:68
+msgid "<option>-f</option>,<option>--force</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:72
+msgid ""
+"This option forces <command>sss_userdel</command> to remove the user's home "
+"directory and mail spool, even if they are not owned by the specified user."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:80
+msgid "<option>-k</option>,<option>--kick</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:84
+msgid "Before actually deleting the user, terminate all his processes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15
+msgid "sss_groupdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupdel.8.xml:16
+msgid "delete a group"
+msgstr "dzēst grupu"
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupdel.8.xml:21
+msgid ""
+"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:32
+msgid ""
+"<command>sss_groupdel</command> deletes a group identified by its name "
+"<replaceable>GROUP</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
+msgid "sss_groupshow"
+msgstr "sss_groupshow"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupshow.8.xml:16
+msgid "print properties of a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupshow.8.xml:21
+msgid ""
+"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:32
+msgid ""
+"<command>sss_groupshow</command> displays information about a group "
+"identified by its name <replaceable>GROUP</replaceable>. The information "
+"includes the group ID number, members of the group and the parent group."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupshow.8.xml:43
+msgid "<option>-R</option>,<option>--recursive</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupshow.8.xml:47
+msgid ""
+"Also print indirect group members in a tree-like hierarchy. Note that this "
+"also affects printing parent groups - without <option>R</option>, only the "
+"direct parent will be printed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
+msgid "sss_usermod"
+msgstr "sss_usermod"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_usermod.8.xml:16
+msgid "modify a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_usermod.8.xml:21
+msgid ""
+"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:32
+msgid ""
+"<command>sss_usermod</command> modifies the account specified by "
+"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
+"on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:60
+msgid "The home directory of the user account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:71
+msgid "The user's login shell."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:82
+msgid ""
+"Append this user to groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
+"a comma separated list of group names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:96
+msgid ""
+"Remove this user from groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:103
+msgid "<option>-l</option>,<option>--lock</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:107
+msgid "Lock the user account. The user won't be able to log in."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:114
+msgid "<option>-u</option>,<option>--unlock</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:118
+msgid "Unlock the user account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:129
+msgid "The SELinux user for the user's login."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_cache.8.xml:10 sss_cache.8.xml:15
+msgid "sss_cache"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_cache.8.xml:16
+msgid "perform cache cleanup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_cache.8.xml:21
+msgid ""
+"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_cache.8.xml:31
+msgid ""
+"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated "
+"records are forced to be reloaded from server as soon as related SSSD "
+"backend is online."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:42
+msgid ""
+"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:47
+msgid "Invalidate specific user."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:53
+msgid "<option>-U</option>,<option>--users</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:57
+msgid ""
+"Invalidate all user records. This option overrides invalidation of specific "
+"user if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:64
+msgid ""
+"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:69
+msgid "Invalidate specific group."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:75
+msgid "<option>-G</option>,<option>--groups</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:79
+msgid ""
+"Invalidate all group records. This option overrides invalidation of specific "
+"group if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:86
+msgid ""
+"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:91
+msgid "Invalidate specific netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:97
+msgid "<option>-N</option>,<option>--netgroups</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:101
+msgid ""
+"Invalidate all netgroup records. This option overrides invalidation of "
+"specific netgroup if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:108
+msgid ""
+"<option>-s</option>,<option>--service</option> <replaceable>service</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:113
+msgid "Invalidate specific service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:119
+msgid "<option>-S</option>,<option>--services</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:123
+msgid ""
+"Invalidate all service records. This option overrides invalidation of "
+"specific service if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:130
+msgid ""
+"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:135
+msgid "Invalidate specific autofs maps."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:141
+msgid "<option>-A</option>,<option>--autofs-maps</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:145
+msgid ""
+"Invalidate all autofs maps. This option overrides invalidation of specific "
+"map if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:152
+msgid ""
+"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:157
+msgid "Restrict invalidation process only to a particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15
+msgid "sss_debuglevel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_debuglevel.8.xml:16
+msgid "change debug level while SSSD is running"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_debuglevel.8.xml:21
+msgid ""
+"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
+"replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_debuglevel.8.xml:32
+msgid ""
+"<command>sss_debuglevel</command> changes debug level of SSSD monitor and "
+"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is "
+"running."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_debuglevel.8.xml:59
+msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_seed.8.xml:10 sss_seed.8.xml:15
+msgid "sss_seed"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_seed.8.xml:16
+msgid "seed the SSSD cache with a user"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_seed.8.xml:21
+msgid ""
+"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
+"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_seed.8.xml:33
+msgid ""
+"<command>sss_seed</command> seeds the SSSD cache with a user entry and "
+"temporary password. If a user entry is already present in the SSSD cache "
+"then the entry is updated with the temporary password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:46
+msgid ""
+"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:51
+msgid ""
+"Provide the name of the domain in which the user is a member of. The domain "
+"is also used to retrieve user information. The domain must be configured in "
+"sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. "
+"Information retrieved from the domain overrides what is provided in the "
+"options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:63
+msgid ""
+"<option>-n</option>,<option>--username</option> <replaceable>USER</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:68
+msgid ""
+"The username of the entry to be created or modified in the cache. The "
+"<replaceable>USER</replaceable> option must be provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:81
+msgid "Set the UID of the user to <replaceable>UID</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:93
+msgid "Set the GID of the user to <replaceable>GID</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:117
+msgid ""
+"Set the home directory of the user to <replaceable>HOME_DIR</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:129
+msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:140
+msgid ""
+"Interactive mode for entering user information. This option will only prompt "
+"for information not provided in the options or retrieved from the domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:148
+msgid ""
+"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:153
+msgid ""
+"Specify file to read user's password from. (if not specified password is "
+"prompted for)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_seed.8.xml:165
+msgid ""
+"The length of the password (or the size of file specified with -p or --"
+"password-file option) must be less than or equal to PASS_MAX bytes (64 bytes "
+"on systems with no globally-defined PASS_MAX value)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
+msgid "sss_ssh_authorizedkeys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11
+msgid "1"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_ssh_authorizedkeys.1.xml:16
+msgid "get OpenSSH authorized keys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_ssh_authorizedkeys.1.xml:21
+msgid ""
+"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>USER</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:32
+msgid ""
+"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user "
+"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys "
+"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> for more information)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:41
+msgid ""
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</"
+"command> for public key user authentication if it is compiled with support "
+"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</"
+"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_authorizedkeys.1.xml:58
+#, no-wrap
+msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:51
+msgid ""
+"If <quote>AuthorizedKeysCommand</quote> is supported, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use it by putting the following directive "
+"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_authorizedkeys.1.xml:69
+#, no-wrap
+msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:62
+msgid ""
+"If <quote>PubkeyAgent</quote> is supported, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use it by using the following directive "
+"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</"
+"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting"
+"\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_authorizedkeys.1.xml:84
+msgid ""
+"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
+msgid "sss_ssh_knownhostsproxy"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_ssh_knownhostsproxy.1.xml:16
+msgid "get OpenSSH host keys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_ssh_knownhostsproxy.1.xml:21
+msgid ""
+"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
+"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:33
+msgid ""
+"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for "
+"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH "
+"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section "
+"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
+"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/"
+"pubconf/known_hosts</filename> and estabilishes connection to the host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:43
+msgid ""
+"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to "
+"create the connection to the host instead of opening a socket."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_knownhostsproxy.1.xml:55
+#, no-wrap
+msgid ""
+"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
+"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:48
+msgid ""
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</"
+"command> for host key authentication by using the following directives for "
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_ssh_knownhostsproxy.1.xml:66
+msgid ""
+"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_knownhostsproxy.1.xml:71
+msgid ""
+"Use port <replaceable>PORT</replaceable> to connect to the host. By "
+"default, port 22 is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_knownhostsproxy.1.xml:83
+msgid ""
+"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/service_discovery.xml:2
+msgid "SERVICE DISCOVERY"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/service_discovery.xml:4
+msgid ""
+"The service discovery feature allows back ends to automatically find the "
+"appropriate servers to connect to using a special DNS query. This feature is "
+"not supported for backup servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:57
+msgid "Configuration"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:11
+msgid ""
+"If no servers are specified, the back end automatically uses service "
+"discovery to try to find a server. Optionally, the user may choose to use "
+"both fixed server addresses and service discovery by inserting a special "
+"keyword, <quote>_srv_</quote>, in the list of servers. The order of "
+"preference is maintained. This feature is useful if, for example, the user "
+"prefers to use service discovery whenever possible, and fall back to a "
+"specific server when no servers can be discovered using DNS."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:23
+msgid "The domain name"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:25
+msgid ""
+"Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:35
+msgid "The protocol"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:37
+msgid ""
+"The queries usually specify _tcp as the protocol. Exceptions are documented "
+"in respective option description."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:42
+msgid "See Also"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:44
+msgid ""
+"For more information on the service discovery mechanism, refer to RFC 2782."
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/upstream.xml:1
+msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/failover.xml:2
+msgid "FAILOVER"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/failover.xml:4
+msgid ""
+"The failover feature allows back ends to automatically switch to a different "
+"server if the current server fails."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:8
+msgid "Failover Syntax"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:10
+msgid ""
+"The list of servers is given as a comma-separated list; any number of spaces "
+"is allowed around the comma. The servers are listed in order of preference. "
+"The list can contain any number of servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:16
+msgid ""
+"For each failover-enabled config option, two variants exist: "
+"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
+"that servers in the primary list are preferred and backup servers are only "
+"searched if no primary servers can be reached. If a backup server is "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
+"periodically try to reconnect to one of the primary servers. If it succeeds, "
+"it will replace the current active (backup) server."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:27
+msgid "The Failover Mechanism"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:29
+msgid ""
+"The failover mechanism distinguishes between a machine and a service. The "
+"back end first tries to resolve the hostname of a given machine; if this "
+"resolution attempt fails, the machine is considered offline. No further "
+"attempts are made to connect to this machine for any other service. If the "
+"resolution attempt succeeds, the back end tries to connect to a service on "
+"this machine. If the service connection attempt fails, then only this "
+"particular service is considered offline and the back end automatically "
+"switches over to the next service. The machine is still considered online "
+"and might still be tried for another service."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:42
+msgid ""
+"Further connection attempts are made to machines or services marked as "
+"offline after a specified period of time; this is currently hard coded to 30 "
+"seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:47
+msgid ""
+"If there are no more machines to try, the back end as a whole switches to "
+"offline mode, and then attempts to reconnect every 30 seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/ldap_id_mapping.xml:2
+msgid "ID MAPPING"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:4
+msgid ""
+"The ID-mapping feature allows SSSD to act as a client of Active Directory "
+"without requiring administrators to extend user attributes to support POSIX "
+"attributes for user and group identifiers."
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:9
+msgid ""
+"NOTE: When ID-mapping is enabled, the uidNumber and gidNumber attributes are "
+"ignored. This is to avoid the possibility of conflicts between automatically-"
+"assigned and manually-assigned values. If you need to use manually-assigned "
+"values, ALL values must be manually-assigned."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/ldap_id_mapping.xml:17
+msgid "Mapping Algorithm"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:19
+msgid ""
+"Active Directory provides an objectSID for every user and group object in "
+"the directory. This objectSID can be broken up into components that "
+"represent the Active Directory domain identity and the relative identifier "
+"(RID) of the user or group object."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:25
+msgid ""
+"The SSSD ID-mapping algorithm takes a range of available UIDs and divides it "
+"into equally-sized component sections - called \"slices\"-. Each slice "
+"represents the space available to an Active Directory domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:31
+msgid ""
+"When a user or group entry for a particular domain is encountered for the "
+"first time, the SSSD allocates one of the available slices for that domain. "
+"In order to make this slice-assignment repeatable on different client "
+"machines, we select the slice based on the following algorithm:"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:38
+msgid ""
+"The SID string is passed through the murmurhash3 algorithm to convert it to "
+"a 32-bit hashed value. We then take the modulus of this value with the total "
+"number of available slices to pick the slice."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:44
+msgid ""
+"NOTE: It is possible to encounter collisions in the hash and subsequent "
+"modulus. In these situations, we will select the next available slice, but "
+"it may not be possible to reproduce the same exact set of slices on other "
+"machines (since the order that they are encountered will determine their "
+"slice). In this situation, it is recommended to either switch to using "
+"explicit POSIX attributes in Active Directory (disabling ID-mapping) or "
+"configure a default domain to guarantee that at least one is always "
+"consistent. See <quote>Configuration</quote> for details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:59
+msgid ""
+"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><programlisting>
+#: include/ldap_id_mapping.xml:64
+#, no-wrap
+msgid ""
+"ldap_id_mapping = True\n"
+"ldap_schema = ad\n"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:69
+msgid ""
+"The default configuration results in configuring 10,000 slices, each capable "
+"of holding up to 200,000 IDs, starting from 10,001 and going up to "
+"2,000,100,000. This should be sufficient for most deployments."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><title>
+#: include/ldap_id_mapping.xml:75
+msgid "Advanced Configuration"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:78
+msgid "ldap_idmap_range_min (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:81
+msgid ""
+"Specifies the lower bound of the range of POSIX IDs to use for mapping "
+"Active Directory user and group SIDs."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:85
+msgid ""
+"NOTE: This option is different from <quote>min_id</quote> in that "
+"<quote>min_id</quote> acts to filter the output of requests to this domain, "
+"whereas this option controls the range of ID assignment. This is a subtle "
+"distinction, but the good general advice would be to have <quote>min_id</"
+"quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:95 include/ldap_id_mapping.xml:131
+msgid "Default: 200000"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:100
+msgid "ldap_idmap_range_max (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:103
+msgid ""
+"Specifies the upper bound of the range of POSIX IDs to use for mapping "
+"Active Directory user and group SIDs."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:107
+msgid ""
+"NOTE: This option is different from <quote>max_id</quote> in that "
+"<quote>max_id</quote> acts to filter the output of requests to this domain, "
+"whereas this option controls the range of ID assignment. This is a subtle "
+"distinction, but the good general advice would be to have <quote>max_id</"
+"quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:117
+msgid "Default: 2000200000"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:122
+msgid "ldap_idmap_range_size (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:125
+msgid ""
+"Specifies the number of IDs available for each slice. If the range size "
+"does not divide evenly into the min and max values, it will create as many "
+"complete slices as it can."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:136
+msgid "ldap_idmap_default_domain_sid (string)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:139
+msgid ""
+"Specify the domain SID of the default domain. This will guarantee that this "
+"domain will always be assigned to slice zero in the ID map, bypassing the "
+"murmurhash algorithm described above."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:150
+msgid "ldap_idmap_default_domain (string)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:153
+msgid "Specify the name of the default domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:161
+msgid "ldap_idmap_autorid_compat (boolean)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:164
+msgid ""
+"Changes the behavior of the ID-mapping algorithm to behave more similarly to "
+"winbind's <quote>idmap_autorid</quote> algorithm."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:169
+msgid ""
+"When this option is configured, domains will be allocated starting with "
+"slice zero and increasing monatomically with each additional domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:174
+msgid ""
+"NOTE: This algorithm is non-deterministic (it depends on the order that "
+"users and groups are requested). If this mode is required for compatibility "
+"with machines running winbind, it is recommended to also use the "
+"<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at "
+"least one domain is consistently allocated to slice zero."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help.xml:3
+msgid "<option>-?</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/param_help.xml:7 include/param_help_py.xml:7
+msgid "Display help message and exit."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help_py.xml:3
+msgid "<option>-h</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:3
+msgid ""
+"Bit mask that indicates which debug levels will be visible. 0x0010 is the "
+"default value as well as the lowest allowed value, 0xFFF0 is the most "
+"verbose mode. This setting overrides the settings from config file."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:8
+msgid "Currently supported debug levels:"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:11
+msgid ""
+"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent "
+"SSSD from starting up or causes it to cease running."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:15
+msgid ""
+"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill "
+"the SSSD, but one that indicates that at least one major feature is not "
+"going to work properly."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:20
+msgid ""
+"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a "
+"particular request or operation has failed."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:24
+msgid ""
+"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would "
+"percolate down to cause the operation failure of 2."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:28
+msgid "<emphasis>0x0100</emphasis>: Configuration settings."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:31
+msgid "<emphasis>0x0200</emphasis>: Function data."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:34
+msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:37
+msgid ""
+"<emphasis>0x1000</emphasis>: Trace messages for internal control functions."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:40
+msgid ""
+"<emphasis>0x2000</emphasis>: Contents of function-internal variables that "
+"may be interesting."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:43
+msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:46
+msgid ""
+"To log required debug levels, simply add their numbers together as shown in "
+"following examples:"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:49
+msgid ""
+"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
+"serious failures and function data use 0x0270."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:53
+msgid ""
+"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
+"function data, trace messages for internal control functions use 0x1310."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:57
+msgid ""
+"<emphasis>Note</emphasis>: This is new format of debug levels introduced in "
+"1.7.0. Older format (numbers from 0-10) is compatible but deprecated."
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/experimental.xml:1
+msgid ""
+"<emphasis> This is an experimental feature, please use http://fedorahosted."
+"org/sssd to report any issues. </emphasis>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/local.xml:2
+msgid "THE LOCAL DOMAIN"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/local.xml:4
+msgid ""
+"In order to function correctly, a domain with <quote>id_provider=local</"
+"quote> must be created and the SSSD must be running."
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/local.xml:9
+msgid ""
+"The administrator might want to use the SSSD local users instead of "
+"traditional UNIX users in cases where the group nesting (see <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</manvolnum> </"
+"citerefentry>) is needed. The local users are also useful for testing and "
+"development of the SSSD without having to deploy a full remote server. The "
+"<command>sss_user*</command> and <command>sss_group*</command> tools use a "
+"local LDB storage to store users and groups."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/seealso.xml:2
+msgid "SEE ALSO"
+msgstr "SKATĪT ARĪ"
+
+#. type: Content of: <refsect1><para>
+#: include/seealso.xml:4
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
+"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:3
+#: include/ldap_search_bases_experimental.xml:3
+msgid ""
+"An optional base DN, search scope and LDAP filter to restrict LDAP searches "
+"for this attribute type."
+msgstr ""
+
+#. type: Content of: <listitem><para><programlisting>
+#: include/ldap_search_bases.xml:9
+#: include/ldap_search_bases_experimental.xml:9
+#, no-wrap
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:7
+#: include/ldap_search_bases_experimental.xml:7
+msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:13
+#: include/ldap_search_bases_experimental.xml:13
+msgid ""
+"The scope can be one of \"base\", \"onelevel\" or \"subtree\". The filter "
+"must be a valid LDAP search filter as specified by http://www.ietf.org/rfc/"
+"rfc2254.txt"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:19
+#: include/ldap_search_bases_experimental.xml:19
+msgid ""
+"For examples of this syntax, please refer to the <quote>ldap_search_base</"
+"quote> examples section."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:27
+#: include/ldap_search_bases_experimental.xml:27
+msgid ""
+"Please note that specifying scope or filter is not supported for searches "
+"against an Active Directory Server that might yield a large number of "
+"results and trigger the Range Retrieval extension in the response."
+msgstr ""
+
+#. type: Content of: <para>
+#: include/autofs_restart.xml:2
+msgid ""
+"Please note that the automounter only reads the master map on startup, so if "
+"any autofs-related changes are made to the sssd.conf, you typically also "
+"need to restart the automounter daemon after restarting the SSSD."
+msgstr ""
diff --git a/src/man/po/nl.po b/src/man/po/nl.po
index 8b2530001..ad7105369 100644
--- a/src/man/po/nl.po
+++ b/src/man/po/nl.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: 2012-10-05 17:53+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Dutch (http://www.transifex.com/projects/p/fedora/language/"
@@ -148,7 +148,7 @@ msgstr "Bestandsformaten en conventies"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr "het configuratiebestand voor SSSD"
@@ -230,7 +230,7 @@ msgid "The [sssd] section"
msgstr "De [sssd] sectie"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr "Sectie parameters"
@@ -270,12 +270,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -284,7 +284,7 @@ msgstr ""
"Data Aanbieder crashed of opnieuw start voordat dit opgegeven wordt"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "Standaard: 3"
@@ -307,7 +307,7 @@ msgstr ""
"lijst van domeinen in de volgorde die SSSD ze moet aflopen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr "re_expression (tekst)"
@@ -327,7 +327,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (tekst)"
@@ -424,32 +424,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -459,15 +438,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -485,12 +464,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr "SERVICES SECTIE"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -499,80 +478,81 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr "Algemene service configuratie-opties"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr "Deze opties kunnen gebruikt worden om services te configureren."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr "debug_level (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr "Voeg een tijdstempel toe aan de debugberichten"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr "Standaard: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -582,23 +562,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -681,8 +682,8 @@ msgid ""
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr ""
@@ -761,13 +762,23 @@ msgstr ""
msgid "fully qualified user name (user@domain)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr ""
@@ -780,12 +791,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -793,231 +804,232 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1025,59 +1037,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1085,7 +1097,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1094,17 +1106,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1112,115 +1124,115 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr "Standaard: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1232,7 +1244,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1243,24 +1255,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1268,12 +1280,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1282,24 +1294,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1308,56 +1320,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1365,123 +1380,130 @@ msgid ""
"to the man pages for the specific id_provider in use."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1490,17 +1512,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1509,33 +1531,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1543,8 +1565,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1553,8 +1575,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1562,19 +1584,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1583,19 +1605,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1603,7 +1643,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1611,30 +1651,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1642,19 +1682,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1663,24 +1703,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1688,7 +1728,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1696,35 +1736,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1732,22 +1772,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1755,7 +1796,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1763,31 +1804,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1795,28 +1836,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1824,7 +1860,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1832,24 +1868,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1857,19 +1893,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1878,29 +1914,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1911,7 +1947,7 @@ msgstr ""
"het domein alles daarna\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1919,7 +1955,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -1928,7 +1964,7 @@ msgstr ""
"(?P&lt;name&gt;) om subpatronen aan te geven."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -1936,59 +1972,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Standaard: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1996,56 +2032,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2054,30 +2090,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2085,29 +2121,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2115,19 +2151,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2135,73 +2171,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2209,17 +2245,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2228,17 +2264,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2246,17 +2282,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2264,18 +2300,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2305,7 +2341,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2346,7 +2382,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr ""
@@ -3078,8 +3114,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr ""
@@ -3094,7 +3130,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr ""
@@ -3282,7 +3318,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3482,6 +3518,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
@@ -3542,7 +3579,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -3815,53 +3852,75 @@ msgstr ""
#: sssd-ldap.5.xml:1418
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+#, fuzzy
+#| msgid "full_name_format (string)"
+msgid "ldap_sasl_realm (string)"
+msgstr "full_name_format (tekst)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3869,27 +3928,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3901,7 +3960,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3909,7 +3968,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3917,53 +3976,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3971,32 +4030,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4005,56 +4069,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4065,12 +4129,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4079,14 +4143,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4095,24 +4159,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4120,19 +4184,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4141,7 +4205,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4149,7 +4213,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4158,94 +4222,125 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4257,213 +4352,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4471,106 +4566,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4579,76 +4674,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4657,46 +4752,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4704,43 +4799,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4748,7 +4843,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4756,7 +4851,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
+#: sssd-ldap.5.xml:2316
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4766,23 +4861,23 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5085,7 +5180,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5096,12 +5191,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5109,7 +5212,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5161,25 +5264,33 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5189,87 +5300,107 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 120"
+msgid "Default: 1200 (seconds)"
+msgstr "Standaard: 120"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5277,86 +5408,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5364,12 +5495,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5377,17 +5508,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5396,313 +5540,345 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5710,7 +5886,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5848,7 +6024,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5856,7 +6032,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5870,11 +6046,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -6048,7 +6246,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -7750,7 +7948,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8199,7 +8397,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
diff --git a/src/man/po/po4a.cfg b/src/man/po/po4a.cfg
index b6834d4fe..8a15d447a 100644
--- a/src/man/po/po4a.cfg
+++ b/src/man/po/po4a.cfg
@@ -1,4 +1,4 @@
-[po4a_langs] br ca cs eu es fr ja nl pt ru tg uk
+[po4a_langs] br ca cs eu es fr ja lv nl pt ru tg uk zh_CN
[po4a_paths] po/sssd-docs.pot $lang:po/$lang.po
[type:docbook] sss_groupmod.8.xml $lang:$(builddir)/$lang/sss_groupmod.8.xml
[type:docbook] sssd.conf.5.xml $lang:$(builddir)/$lang/sssd.conf.5.xml
diff --git a/src/man/po/pt.po b/src/man/po/pt.po
index 22049f586..c02fac871 100644
--- a/src/man/po/pt.po
+++ b/src/man/po/pt.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: 2012-10-05 17:53+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Portuguese <trans-pt@lists.fedoraproject.org>\n"
@@ -147,7 +147,7 @@ msgstr "Formatos de ficheiros e convenções"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr "o ficheiro de configuração para SSSD"
@@ -224,7 +224,7 @@ msgid "The [sssd] section"
msgstr "A seção [SSSD]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr "Parâmetros de secção"
@@ -265,12 +265,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -279,7 +279,7 @@ msgstr ""
"falha do provedor de dados ou reiniciar antes de eles desistirem"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "Padrão: 3"
@@ -302,7 +302,7 @@ msgstr ""
"domínios na ordem desejada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr "re_expression (string)"
@@ -322,7 +322,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (string)"
@@ -405,32 +405,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr "Padrão: 60"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -440,15 +419,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -466,12 +445,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -480,80 +459,81 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr "Padrão: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr "timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr "Padrão: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -563,23 +543,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr "Padrão: 60"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -658,8 +659,8 @@ msgid ""
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr ""
@@ -738,13 +739,23 @@ msgstr "%f"
msgid "fully qualified user name (user@domain)"
msgstr "nome totalmente qualificado do utilizador (utilizador@domínio)"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr "%%"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr "um literal '%'"
@@ -757,12 +768,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -770,231 +781,232 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr "allowed_shells (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr "shell_fallback (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr "Padrão: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Padrão: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1002,59 +1014,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr "Padrão: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1062,7 +1074,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1071,17 +1083,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1089,115 +1101,115 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1209,7 +1221,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1220,24 +1232,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1245,12 +1257,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1259,24 +1271,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr "SECÇÕES DE DOMÍNIO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1285,56 +1297,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr "enumerate (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr "Padrão: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1342,123 +1357,130 @@ msgid ""
"to the man pages for the specific id_provider in use."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr "Padrão: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1467,17 +1489,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr "Padrão: 0 (ilimitado)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1486,33 +1508,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr "id_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1520,8 +1542,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1530,8 +1552,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1539,19 +1561,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1560,19 +1582,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+#, fuzzy
+#| msgid "ipa_netgroup_member_host (string)"
+msgid "ignore_group_members (bool)"
+msgstr "ipa_netgroup_member_host (string)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr "auth_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1580,7 +1622,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1588,30 +1630,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr "access_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1619,19 +1661,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1640,24 +1682,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1665,7 +1707,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1673,35 +1715,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1709,22 +1751,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1732,7 +1775,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1740,31 +1783,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1772,28 +1815,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr "Padrão: none"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1801,7 +1839,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1809,24 +1847,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1834,19 +1872,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1855,29 +1893,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1885,7 +1923,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1893,14 +1931,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -1908,59 +1946,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Default: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr "Default: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1968,56 +2006,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr "override_gid (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr "Padrão: TRUE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2026,30 +2064,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2057,29 +2095,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2087,19 +2125,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr "A secção de domínio local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2107,73 +2145,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr "default_shell (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Padrão: <filename>bash/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr "base_directory (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr "Padrão: <filename>/ home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr "create_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr "Padrão: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr "remove_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr "homedir_umask (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2181,17 +2219,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr "Padrão: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr "skel_dir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2200,17 +2238,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Padrão: <filename>skel/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr "mail_dir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2218,17 +2256,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr "Padrão: <filename>mail/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2236,18 +2274,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr "Padrão: None, nenhum comando é executado"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr "EXEMPLO"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2301,7 +2339,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2342,7 +2380,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr "OPÇÕES DE CONFIGURAÇÃO"
@@ -3078,8 +3116,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr "Padrão: NC"
@@ -3094,7 +3132,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr ""
@@ -3282,7 +3320,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3482,6 +3520,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Padrão: 6"
@@ -3542,7 +3581,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -3817,54 +3856,76 @@ msgstr "ldap_sasl_authid (string)"
#: sssd-ldap.5.xml:1418
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+#, fuzzy
+#| msgid "ldap_sasl_mech (string)"
+msgid "ldap_sasl_realm (string)"
+msgstr "ldap_sasl_mech (string)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr "Padrão: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3872,27 +3933,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr "Padrão: 86400 (24 horas)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3904,7 +3965,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3912,7 +3973,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3920,53 +3981,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3974,32 +4035,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr "Padrão: none"
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4008,56 +4074,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4068,12 +4134,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4082,14 +4148,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4098,24 +4164,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4123,19 +4189,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4144,7 +4210,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4152,7 +4218,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4161,94 +4227,127 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr "Padrão: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr "ldap_deref (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+#, fuzzy
+#| msgid "ldap_krb5_init_creds (boolean)"
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr "ldap_krb5_init_creds (boolean)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4260,213 +4359,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4474,106 +4573,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4582,76 +4681,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4660,46 +4759,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr "OPÇÕES AVANÇADAS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4707,43 +4806,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4751,7 +4850,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4759,8 +4858,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
-#, no-wrap
+#: sssd-ldap.5.xml:2316
+#, fuzzy, no-wrap
+#| msgid ""
+#| " [domain/LDAP]\n"
+#| " id_provider = ldap\n"
+#| " auth_provider = ldap\n"
+#| " ldap_uri = ldap://ldap.mydomain.org\n"
+#| " ldap_search_base = dc=mydomain,dc=org\n"
+#| " ldap_tls_reqcert = demand\n"
+#| " cache_credentials = true\n"
+#| " enumerate = true\n"
msgid ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -4769,7 +4877,6 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -4781,19 +4888,20 @@ msgstr ""
" enumerate = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTAS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5102,7 +5210,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5113,12 +5221,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5126,7 +5242,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5178,25 +5294,33 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr "ipa_domain (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5206,87 +5330,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr "ipa_hostname (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr "ipa_dyndns_update (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+#, fuzzy
+#| msgid "pam_id_timeout (integer)"
+msgid "ipa_dyndns_ttl (integer)"
+msgstr "pam_id_timeout (integer)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 10800 (12 hours)"
+msgid "Default: 1200 (seconds)"
+msgstr "Padrão: 10800 (12 horas)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr "ipa_dyndns_iface (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr "Default: Use base DN"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5294,86 +5440,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5381,12 +5527,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5394,17 +5540,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+#, fuzzy
+#| msgid "pam_id_timeout (integer)"
+msgid "ipa_hbac_selinux (integer)"
+msgstr "pam_id_timeout (integer)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5413,313 +5574,345 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr "Padrão: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr "Padrão: memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr "Padrão: memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr "Padrão: externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr "Padrão: nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr "Padrão: ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr "ipa_host_fqdn (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr "Padrão: fqdn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5727,7 +5920,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5869,7 +6062,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5877,7 +6070,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5891,11 +6084,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -6069,7 +6284,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -7805,7 +8020,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8254,7 +8469,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
diff --git a/src/man/po/ru.po b/src/man/po/ru.po
index bac69f407..01bf64ce9 100644
--- a/src/man/po/ru.po
+++ b/src/man/po/ru.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: 2012-10-05 17:53+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Russian <trans-ru@lists.fedoraproject.org>\n"
@@ -134,7 +134,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr "Файл конфигурации SSSD"
@@ -201,7 +201,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr ""
@@ -238,19 +238,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr "попыток_соединения (целое число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "По умолчанию: 3"
@@ -269,7 +269,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr ""
@@ -289,7 +289,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
@@ -372,32 +372,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -407,15 +386,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -433,12 +412,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -447,80 +426,81 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr "По умолчанию: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr "По умолчанию: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -530,23 +510,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -625,8 +626,8 @@ msgid ""
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr "По умолчанию: 15"
@@ -705,13 +706,23 @@ msgstr ""
msgid "fully qualified user name (user@domain)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr ""
@@ -724,12 +735,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -737,231 +748,232 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr "По умолчанию: 0 (неограничено)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -969,59 +981,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr "По умолчанию: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr "В настоящее время sssd поддерживает следующие значения:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr "По умолчанию: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1029,7 +1041,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1038,17 +1050,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1056,115 +1068,115 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1176,7 +1188,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1187,24 +1199,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1212,12 +1224,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1226,24 +1238,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1252,56 +1264,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr "По умолчанию: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1309,123 +1324,130 @@ msgid ""
"to the man pages for the specific id_provider in use."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1434,17 +1456,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1453,33 +1475,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1487,8 +1509,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1497,8 +1519,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1506,19 +1528,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1527,19 +1549,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1547,7 +1587,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1555,30 +1595,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1586,19 +1626,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1607,24 +1647,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1632,7 +1672,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1640,35 +1680,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1676,22 +1716,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1699,7 +1740,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1707,31 +1748,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1739,28 +1780,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1768,7 +1804,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1776,24 +1812,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1801,19 +1837,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1822,29 +1858,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1852,7 +1888,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1860,14 +1896,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -1875,59 +1911,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "По умолчанию: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr "Поддерживаемые значения:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1935,56 +1971,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr "По умолчанию: использовать доменное имя из hostname"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1993,30 +2029,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2024,29 +2060,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2054,19 +2090,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2074,73 +2110,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr "По умолчанию: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr "По умолчанию: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2148,17 +2184,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr "По умолчанию: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2167,17 +2203,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr "По умолчанию: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2185,17 +2221,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr "По умолчанию: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2203,18 +2239,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr "ПРИМЕР"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2244,7 +2280,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2285,7 +2321,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr "ПАРАМЕТРЫ КОНФИГУРАЦИИ"
@@ -3017,8 +3053,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr ""
@@ -3033,7 +3069,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr ""
@@ -3221,7 +3257,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3421,6 +3457,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
@@ -3481,7 +3518,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -3754,53 +3791,73 @@ msgstr ""
#: sssd-ldap.5.xml:1418
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+msgid "ldap_sasl_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3808,27 +3865,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3840,7 +3897,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3848,7 +3905,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3856,53 +3913,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3910,32 +3967,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3944,56 +4006,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4004,12 +4066,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4018,14 +4080,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4034,24 +4096,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4059,19 +4121,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4080,7 +4142,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4088,7 +4150,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4097,94 +4159,125 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4196,213 +4289,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4410,106 +4503,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4518,76 +4611,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4596,46 +4689,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4643,43 +4736,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4687,7 +4780,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4695,7 +4788,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
+#: sssd-ldap.5.xml:2316
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4705,23 +4798,23 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5024,7 +5117,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5035,12 +5128,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5048,7 +5149,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5100,25 +5201,33 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5128,87 +5237,107 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: gecos"
+msgid "Default: 1200 (seconds)"
+msgstr "По умолчанию: gecos"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5216,86 +5345,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5303,12 +5432,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5316,17 +5445,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5335,313 +5477,345 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5649,7 +5823,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5787,7 +5961,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5795,7 +5969,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5809,11 +5983,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -5987,7 +6183,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -7689,7 +7885,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8138,7 +8334,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot
index bd911376c..c3fdcffb5 100644
--- a/src/man/po/sssd-docs.pot
+++ b/src/man/po/sssd-docs.pot
@@ -6,9 +6,9 @@
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: sssd-docs 1.9.2\n"
+"Project-Id-Version: sssd-docs 1.9.91\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -108,7 +108,7 @@ msgid "File Formats and Conventions"
msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
-#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr ""
@@ -177,7 +177,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr ""
@@ -213,19 +213,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr ""
@@ -244,7 +244,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr ""
@@ -264,7 +264,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
@@ -347,31 +347,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the "
-"<quote>timeout</quote> option), it is first sent the SIGTERM signal that "
-"instructs it to quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605 sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -381,14 +361,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233 sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 include/ldap_id_mapping.xml:156
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282 sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145 include/ldap_id_mapping.xml:156
msgid "Default: not set"
msgstr ""
@@ -404,12 +384,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -418,74 +398,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845 sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994 sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244 sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841 sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043 sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264 sssd-ipa.5.xml:299
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630 sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683 sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129 sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -495,23 +475,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613 sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the "
+"<quote>timeout</quote> option), it is first sent the SIGTERM signal that "
+"instructs it to quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -591,8 +591,8 @@ msgid ""
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr ""
@@ -670,13 +670,23 @@ msgstr ""
msgid "fully qualified user name (user@domain)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr ""
@@ -689,12 +699,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -702,230 +712,231 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid "The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid "Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in "
"<quote>/etc/shells</quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in "
"<quote>/etc/shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the "
"machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during "
-"lookup. This option supersedes any other shell options if it takes effect."
+"lookup. This option supersedes any other shell options if it takes effect "
+"and can be set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -933,59 +944,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during "
"authentication. The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -993,7 +1004,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a "
@@ -1003,17 +1014,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1021,7 +1032,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be "
@@ -1029,108 +1040,108 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting "
"<emphasis>pwd_expiration_warning</emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1142,7 +1153,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1153,24 +1164,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1178,12 +1189,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1192,24 +1203,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For "
@@ -1218,56 +1229,58 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216 sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1275,122 +1288,129 @@ msgid ""
"to the man pages for the specific id_provider in use."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057 sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1399,17 +1419,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1418,34 +1438,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1453,7 +1473,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261 sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310 sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1462,7 +1482,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270 sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319 sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1470,19 +1490,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified "
"names. For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1491,19 +1511,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1511,7 +1549,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1519,29 +1557,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid "<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1549,19 +1587,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
@@ -1570,24 +1608,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
@@ -1596,7 +1634,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1604,34 +1642,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid "<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1639,22 +1677,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497 sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1662,7 +1700,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1671,31 +1709,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1704,27 +1742,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid "The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1732,7 +1765,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1740,24 +1773,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1766,19 +1799,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: "
"<quote>(((?P&lt;domain&gt;[^\\\\]+)\\\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?P&lt;name&gt;[^@\\\\]+)$))</quote> "
@@ -1786,29 +1819,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1816,7 +1849,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1824,14 +1857,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax "
"(?P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> "
"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
@@ -1840,59 +1873,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1900,56 +1933,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1958,29 +1991,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called "
@@ -1989,29 +2022,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2019,19 +2052,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2039,73 +2072,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2113,17 +2146,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2132,17 +2165,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2150,17 +2183,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2168,17 +2201,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126 sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131 sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2208,7 +2241,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2250,7 +2283,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 sssd-krb5.5.xml:63
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75 sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr ""
@@ -2981,7 +3014,7 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149 sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198 sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr ""
@@ -2996,7 +3029,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr ""
@@ -3183,7 +3216,7 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3379,7 +3412,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140 sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
@@ -3440,7 +3473,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -3713,53 +3746,74 @@ msgstr ""
#: sssd-ldap.5.xml:1418
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example "
+"host/myhost@EXAMPLE.COM) or just the principal name (for example "
+"host/myhost)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+msgid "ldap_sasl_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3767,27 +3821,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of "
@@ -3799,7 +3853,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3807,7 +3861,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of "
"SSSD. While the legacy name is recognized for the time being, users are "
@@ -3816,53 +3870,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client "
"side. The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use "
"<citerefentry><refentrytitle>shadow</refentrytitle> "
@@ -3871,32 +3925,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3905,56 +3964,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -3965,12 +4024,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -3979,14 +4038,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -3995,24 +4054,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4020,19 +4079,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4041,7 +4100,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, "
"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check "
@@ -4049,7 +4108,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4058,94 +4117,125 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4157,213 +4247,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval "
"</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4371,105 +4461,105 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054 sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103 sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is "
"<emphasis>false</emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4478,76 +4568,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder "
"type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" "
@@ -4556,46 +4646,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = "
@@ -4604,43 +4694,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4648,7 +4738,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4656,7 +4746,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
+#: sssd-ldap.5.xml:2316
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4666,21 +4756,20 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591 sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651 sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -4986,7 +5075,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> "
@@ -4997,12 +5086,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and "
"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
@@ -5011,7 +5108,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5065,25 +5162,33 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5093,87 +5198,105 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+msgid "Default: 1200 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5181,85 +5304,85 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23 include/ldap_search_bases_experimental.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23 include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5267,12 +5390,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5280,17 +5403,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5299,312 +5435,344 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid "The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of "
+"sssd.conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and "
"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
@@ -5612,7 +5780,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5752,7 +5920,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and "
"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
@@ -5760,7 +5928,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5774,11 +5942,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -5953,7 +6143,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -7659,7 +7849,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8118,7 +8308,7 @@ msgid ""
"</citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> "
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry>, </phrase> <citerefentry> "
"<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> "
"</citerefentry>."
diff --git a/src/man/po/tg.po b/src/man/po/tg.po
index 0e1a88519..13ea2c61d 100644
--- a/src/man/po/tg.po
+++ b/src/man/po/tg.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: 2012-10-05 17:53+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Tajik (http://www.transifex.com/projects/p/fedora/language/"
@@ -133,7 +133,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr ""
@@ -200,7 +200,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr ""
@@ -237,19 +237,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "Пешфарз: 3"
@@ -268,7 +268,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr ""
@@ -288,7 +288,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
@@ -371,32 +371,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -406,15 +385,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -432,12 +411,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -446,80 +425,81 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr "Пешфарз: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr "Пешфарз: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr "Пешфарз: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -529,23 +509,44 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
"limited in order to avoid resource exhaustion on the system."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -624,8 +625,8 @@ msgid ""
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr "Пешфарз: 15"
@@ -704,13 +705,23 @@ msgstr ""
msgid "fully qualified user name (user@domain)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr ""
@@ -723,12 +734,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -736,231 +747,232 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr "Пешфарз: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr "Пешфарз: 0 (Номаҳдуд)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -968,59 +980,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr "Пешфарз: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr "Пешфарз: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1028,7 +1040,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1037,17 +1049,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1055,115 +1067,115 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr "Пешфарз: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
"before asking the back end again."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1175,7 +1187,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1186,24 +1198,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1211,12 +1223,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1225,24 +1237,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1251,56 +1263,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr "Пешфарз: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1308,123 +1323,130 @@ msgid ""
"to the man pages for the specific id_provider in use."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr "Пешфарз: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1433,17 +1455,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr "Пешфарз: 0 (номаҳдуд)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1452,33 +1474,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1486,8 +1508,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1496,8 +1518,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1505,19 +1527,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1526,19 +1548,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1546,7 +1586,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1554,30 +1594,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1585,19 +1625,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1606,24 +1646,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1631,7 +1671,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1639,35 +1679,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1675,22 +1715,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1698,7 +1739,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1706,31 +1747,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1738,28 +1779,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1767,7 +1803,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1775,24 +1811,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1800,19 +1836,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1821,29 +1857,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1851,7 +1887,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1859,14 +1895,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -1874,59 +1910,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1934,56 +1970,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1992,30 +2028,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2023,29 +2059,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2053,19 +2089,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2073,73 +2109,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr "Пешфарз: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2147,17 +2183,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2166,17 +2202,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2184,17 +2220,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2202,18 +2238,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr "НАМУНА"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2243,7 +2279,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2284,7 +2320,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr ""
@@ -3016,8 +3052,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr ""
@@ -3032,7 +3068,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr ""
@@ -3220,7 +3256,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
@@ -3420,6 +3456,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Пешфарз: 6"
@@ -3480,7 +3517,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr ""
@@ -3753,53 +3790,73 @@ msgstr ""
#: sssd-ldap.5.xml:1418
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+msgid "ldap_sasl_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr "Пешфарз: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3807,27 +3864,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3839,7 +3896,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3847,7 +3904,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3855,53 +3912,53 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3909,32 +3966,37 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
"these attributes when the password is changed."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3943,56 +4005,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4003,12 +4065,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr "Намуна:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4017,14 +4079,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4033,24 +4095,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4058,19 +4120,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4079,7 +4141,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4087,7 +4149,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4096,94 +4158,125 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -4195,213 +4288,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4409,106 +4502,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4517,76 +4610,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4595,46 +4688,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4642,43 +4735,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4686,7 +4779,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4694,7 +4787,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
+#: sssd-ldap.5.xml:2316
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4704,23 +4797,23 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "ЭЗОҲҲО"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5023,7 +5116,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -5034,12 +5127,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5047,7 +5148,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5099,25 +5200,33 @@ msgid ""
"provider is required on the client side."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -5127,87 +5236,107 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 120"
+msgid "Default: 1200 (seconds)"
+msgstr "Пешфарз: 120"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5215,86 +5344,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5302,12 +5431,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5315,17 +5444,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5334,313 +5476,345 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5648,7 +5822,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5786,7 +5960,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5794,7 +5968,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -5808,11 +5982,33 @@ msgid ""
"ad_domain = example.com\n"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr ""
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -5986,7 +6182,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
+msgid "wildcard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
@@ -7688,7 +7884,7 @@ msgid ""
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -8137,7 +8333,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
diff --git a/src/man/po/uk.po b/src/man/po/uk.po
index ceea45160..c96e4da4a 100644
--- a/src/man/po/uk.po
+++ b/src/man/po/uk.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2012-10-12 21:14+0300\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
"PO-Revision-Date: 2012-10-05 18:53+0000\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <trans-uk@lists.fedoraproject.org>\n"
@@ -149,7 +149,7 @@ msgstr "Формати файлів та правила"
#. type: Content of: <reference><refentry><refnamediv><refpurpose>
#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
-#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
msgid "the configuration file for SSSD"
msgstr "файл налаштування SSSD"
@@ -234,7 +234,7 @@ msgid "The [sssd] section"
msgstr "Розділ [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1696
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
msgid "Section parameters"
msgstr "Параметри розділу"
@@ -279,12 +279,12 @@ msgstr ""
"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:306
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:309
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -294,7 +294,7 @@ msgstr ""
"визнання подальших спроб безнадійними."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:314
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
msgid "Default: 3"
msgstr "Типове значення: 3"
@@ -318,7 +318,7 @@ msgstr ""
"до них запитів щодо даних."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:124 sssd.conf.5.xml:1476
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
msgid "re_expression (string)"
msgstr "re_expression (рядок)"
@@ -344,7 +344,7 @@ msgstr ""
"ДОМЕНІВ."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:141 sssd.conf.5.xml:1523
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (рядок)"
@@ -450,38 +450,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
#: sssd.conf.5.xml:206
-msgid "force_timeout (integer)"
-msgstr "force_timeout (ціле число)"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:209
-msgid ""
-"If a service is not responding to ping checks (see the <quote>timeout</"
-"quote> option), it is first sent the SIGTERM signal that instructs it to "
-"quit gracefully. If the service does not terminate after "
-"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
-"by sending a SIGKILL signal."
-msgstr ""
-"Якщо служба не відповідає на перевірки луна-імпульсом (пінгом) (див. "
-"параметр <quote>timeout</quote>), система спочатку надсилає сигнал SIGTERM, "
-"яким наказує службі завершити роботу у штатному режимі. Якщо служба не "
-"завершить роботу протягом часу, визначено параметром <quote>force_timeout</"
-"quote> у секундах, монітор примусово завершить роботу служби надсиланням "
-"сигналу SIGKILL."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:217 sssd.conf.5.xml:346 sssd.conf.5.xml:605
-#: sssd.conf.5.xml:765 sssd-ldap.5.xml:1099
-msgid "Default: 60"
-msgstr "Типове значення: 60"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:222
msgid "default_domain_suffix (string)"
msgstr "default_domain_suffix (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:225
+#: sssd.conf.5.xml:209
#, fuzzy
#| msgid ""
#| "This string will be used as a default domain name for all names without a "
@@ -504,7 +477,7 @@ msgstr ""
"за допомогою лише імені користувача без додавання до нього назви домену."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:235
+#: sssd.conf.5.xml:219
#, fuzzy
#| msgid ""
#| "Please note that if this option is set all users from the local domain "
@@ -518,8 +491,8 @@ msgstr ""
"користувач@назва.домену, для входу до системи."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:241 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2206 sssd-ldap.5.xml:2233
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -542,12 +515,12 @@ msgstr ""
"профілів. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:252
+#: sssd.conf.5.xml:236
msgid "SERVICES SECTIONS"
msgstr "РОЗДІЛИ СЛУЖБ"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:254
+#: sssd.conf.5.xml:238
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -560,64 +533,65 @@ msgstr ""
"у розділі <quote>[nss]</quote>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:261
+#: sssd.conf.5.xml:245
msgid "General service configuration options"
msgstr "Загальні параметри налаштування служб"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:263
+#: sssd.conf.5.xml:247
msgid "These options can be used to configure any service."
msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:267
+#: sssd.conf.5.xml:251
msgid "debug_level (integer)"
msgstr "debug_level (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:255
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274
+#: sssd.conf.5.xml:258
msgid "Add a timestamp to the debug messages"
msgstr "Додати часову позначку до діагностичних повідомлень."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:277 sssd.conf.5.xml:441 sssd.conf.5.xml:845
-#: sssd-ldap.5.xml:1464 sssd-ldap.5.xml:1590 sssd-ldap.5.xml:1994
-#: sssd-ldap.5.xml:2059 sssd-ldap.5.xml:2077 sssd-ipa.5.xml:244
-#: sssd-ipa.5.xml:279
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
msgid "Default: true"
msgstr "Типове значення: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:266
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:285
+#: sssd.conf.5.xml:269
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
"Додати значення мікросекунд до часової позначки у діагностичних повідомленнях"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:288 sssd.conf.5.xml:787 sssd.conf.5.xml:1630
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1533 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339
-#: sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:427
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
msgid "Default: false"
msgstr "Типове значення: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:293
+#: sssd.conf.5.xml:277
msgid "timeout (integer)"
msgstr "timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:296
+#: sssd.conf.5.xml:280
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
@@ -626,17 +600,17 @@ msgstr ""
"перевірки працездатності процесу та його змоги відповідати на запити."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:301 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
msgid "Default: 10"
msgstr "Типове значення: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:319
+#: sssd.conf.5.xml:303
msgid "fd_limit"
msgstr "fd_limit"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:306
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -652,17 +626,17 @@ msgstr ""
"цього параметра і обмеженням \"hard\" у limits.conf."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:331
+#: sssd.conf.5.xml:315
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr "Типове значення: 8192 (або обмеження у limits.conf \"hard\")"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:336
+#: sssd.conf.5.xml:320
msgid "client_idle_timeout"
msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:339
+#: sssd.conf.5.xml:323
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -673,6 +647,33 @@ msgstr ""
"його допомогою обміну даними. Таке обмеження потрібне для того, щоб уникнути "
"вичерпання ресурсів системи."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr "Типове значення: 60"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr "force_timeout (ціле число)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+"Якщо служба не відповідає на перевірки луна-імпульсом (пінгом) (див. "
+"параметр <quote>timeout</quote>), система спочатку надсилає сигнал SIGTERM, "
+"яким наказує службі завершити роботу у штатному режимі. Якщо служба не "
+"завершить роботу протягом часу, визначено параметром <quote>force_timeout</"
+"quote> у секундах, монітор примусово завершить роботу служби надсиланням "
+"сигналу SIGKILL."
+
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
#: sssd.conf.5.xml:354
msgid "NSS configuration options"
@@ -771,8 +772,8 @@ msgstr ""
"результати пошуку у кеші (тобто запити щодо некоректних записів у базі "
"даних, зокрема неіснуючих) перед повторним запитом до сервера обробки."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:414 sssd.conf.5.xml:811 sssd-krb5.5.xml:226
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
msgid "Default: 15"
msgstr "Типове значення: 15"
@@ -858,13 +859,23 @@ msgstr "%f"
msgid "fully qualified user name (user@domain)"
msgstr "ім’я користувача повністю (користувач@домен)"
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:471 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
msgid "%%"
msgstr "%%"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:472 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
msgid "a literal '%'"
msgstr "символ відсотків («%»)"
@@ -880,13 +891,13 @@ msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:478 sssd-ad.5.xml:164
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
msgid "This option can also be set per-domain."
msgstr ""
"Значення цього параметра можна встановлювати для кожного з доменів окремо."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:483 sssd.conf.5.xml:507 sssd-ad.5.xml:169
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -896,24 +907,24 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481 sssd.conf.5.xml:505 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:487 sssd-ad.5.xml:173
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
"Типове значення: не встановлено (SSSD використовуватиме значення, отримане "
"від LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:493 sssd-ad.5.xml:179
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:496 sssd-ad.5.xml:182
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -922,7 +933,7 @@ msgstr ""
"каталог не вказано явним чином засобом надання даних домену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:501 sssd-ad.5.xml:187
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -930,19 +941,19 @@ msgstr ""
"для параметра override_homedir."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:511 sssd-ad.5.xml:197
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Типове значення: не встановлено (без замін для невстановлених домашніх "
"каталогів)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:517
+#: sssd.conf.5.xml:524
msgid "override_shell (string)"
msgstr "override_shell (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:520
+#: sssd.conf.5.xml:527
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
@@ -951,19 +962,19 @@ msgstr ""
"вказати на загальному рівні у розділі [nss] або для кожного з доменів окремо."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:525
+#: sssd.conf.5.xml:532
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
"Типове значення: не встановлено (SSSD використовуватиме значення, отримане "
"від LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:531
+#: sssd.conf.5.xml:538
msgid "allowed_shells (string)"
msgstr "allowed_shells (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:541
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -971,13 +982,13 @@ msgstr ""
"визначення оболонки є таким:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:537
+#: sssd.conf.5.xml:544
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. Якщо оболонку вказано у <quote>/etc/shells</quote>, її буде використано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:541
+#: sssd.conf.5.xml:548
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -987,7 +998,7 @@ msgstr ""
"shell_fallback."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:546
+#: sssd.conf.5.xml:553
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -996,12 +1007,12 @@ msgstr ""
"<quote>/etc/shells</quote>, буде використано оболонку nologin."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:551
+#: sssd.conf.5.xml:558
msgid "An empty string for shell is passed as-is to libc."
msgstr "Порожній рядок оболонки буде передано без обробки до libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:554
+#: sssd.conf.5.xml:561
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -1010,29 +1021,29 @@ msgstr ""
"тобто у разі встановлення нової оболонки слід перезапустити SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558
+#: sssd.conf.5.xml:565
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
"Типове значення: не встановлено. Автоматично використовується оболонка "
"користувача."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:563
+#: sssd.conf.5.xml:570
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:566
+#: sssd.conf.5.xml:573
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "Замінити всі записи цих оболонок на shell_fallback"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:571
+#: sssd.conf.5.xml:578
msgid "shell_fallback (string)"
msgstr "shell_fallback (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574
+#: sssd.conf.5.xml:581
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -1040,20 +1051,25 @@ msgstr ""
"системі не встановлено."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:578
+#: sssd.conf.5.xml:585
msgid "Default: /bin/sh"
msgstr "Типове значення: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:583 sssd-ad.5.xml:203
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:586 sssd-ad.5.xml:206
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
+#, fuzzy
+#| msgid ""
+#| "The default shell to use if the provider does not return one during "
+#| "lookup. This option supersedes any other shell options if it takes effect."
msgid ""
"The default shell to use if the provider does not return one during lookup. "
-"This option supersedes any other shell options if it takes effect."
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
msgstr ""
"Типова командна оболонка, яку слід використовувати, якщо засобом надання "
"даних не повернуто даних оболонки під час пошуку. Якщо буде використано цей "
@@ -1061,7 +1077,7 @@ msgstr ""
"командної оболонки."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591 sssd-ad.5.xml:211
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -1071,12 +1087,12 @@ msgstr ""
"зазвичай /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:598 sssd.conf.5.xml:758
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:601 sssd.conf.5.xml:761
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -1085,12 +1101,12 @@ msgstr ""
"чинним."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:610
+#: sssd.conf.5.xml:618
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:613
+#: sssd.conf.5.xml:621
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1099,17 +1115,17 @@ msgstr ""
"чинним."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:617 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Типове значення: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:624
+#: sssd.conf.5.xml:632
msgid "PAM configuration options"
msgstr "Параметри налаштування PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:626
+#: sssd.conf.5.xml:634
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1118,12 +1134,12 @@ msgstr ""
"Authentication Module (PAM або блокового модуля розпізнавання)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:631
+#: sssd.conf.5.xml:639
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:634
+#: sssd.conf.5.xml:642
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1133,17 +1149,17 @@ msgstr ""
"входу до системи)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:639 sssd.conf.5.xml:652
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
msgid "Default: 0 (No limit)"
msgstr "Типове значення: 0 (без обмежень)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:645
+#: sssd.conf.5.xml:653
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:648
+#: sssd.conf.5.xml:656
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1152,12 +1168,12 @@ msgstr ""
"дозволену кількість спроб входу з визначенням помилкового пароля."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:658
+#: sssd.conf.5.xml:666
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:661
+#: sssd.conf.5.xml:669
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1167,7 +1183,7 @@ msgstr ""
"системи."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:666
+#: sssd.conf.5.xml:674
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1179,17 +1195,17 @@ msgstr ""
"увімкнути можливість автономного розпізнавання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:672 sssd.conf.5.xml:725 sssd.conf.5.xml:1577
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
msgid "Default: 5"
msgstr "Типове значення: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:678
+#: sssd.conf.5.xml:686
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:681
+#: sssd.conf.5.xml:689
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1198,43 +1214,43 @@ msgstr ""
"розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:686
+#: sssd.conf.5.xml:694
msgid "Currently sssd supports the following values:"
msgstr "У поточній версії sssd передбачено підтримку таких значень:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:689
+#: sssd.conf.5.xml:697
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:692
+#: sssd.conf.5.xml:700
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:696
+#: sssd.conf.5.xml:704
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:699
+#: sssd.conf.5.xml:707
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:703 sssd.8.xml:63
+#: sssd.conf.5.xml:711 sssd.8.xml:63
msgid "Default: 1"
msgstr "Типове значення: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:708
+#: sssd.conf.5.xml:716
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:711
+#: sssd.conf.5.xml:719
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1245,7 +1261,7 @@ msgstr ""
"що розпізнавання виконується на основі найсвіжіших даних."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:717
+#: sssd.conf.5.xml:725
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1259,18 +1275,18 @@ msgstr ""
"надання даних профілів."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:731
+#: sssd.conf.5.xml:739
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:734 sssd.conf.5.xml:1105
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
msgid "Display a warning N days before the password expires."
msgstr ""
"Показати попередження за вказану кількість днів перед завершенням дії пароля."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:737
+#: sssd.conf.5.xml:745
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1281,7 +1297,7 @@ msgstr ""
"попередження."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:743 sssd.conf.5.xml:1108
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1291,7 +1307,7 @@ msgstr ""
"буде автоматично показано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:748
+#: sssd.conf.5.xml:756
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1300,27 +1316,27 @@ msgstr ""
"<emphasis>pwd_expiration_warning</emphasis> для окремого домену."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:753 sssd.8.xml:79
+#: sssd.conf.5.xml:761 sssd.8.xml:79
msgid "Default: 0"
msgstr "Типове значення: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:773
+#: sssd.conf.5.xml:781
msgid "SUDO configuration options"
msgstr "Параметри налаштування SUDO"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:775
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the sudo service."
msgstr "Цими параметрами можна скористатися для налаштування служби sudo."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:787
msgid "sudo_timed (bool)"
msgstr "sudo_timed (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:782
+#: sssd.conf.5.xml:790
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1329,22 +1345,22 @@ msgstr ""
"призначені для визначення часових обмежень для записів sudoers."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:803
msgid "AUTOFS configuration options"
msgstr "Параметри налаштування AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:797
+#: sssd.conf.5.xml:805
msgid "These options can be used to configure the autofs service."
msgstr "Цими параметрами можна скористатися для налаштування служби autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:801
+#: sssd.conf.5.xml:809
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:804
+#: sssd.conf.5.xml:812
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1354,55 +1370,55 @@ msgstr ""
"негативні результати пошуку у кеші (тобто запити щодо некоректних записів у "
"базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки."
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:816
-msgid "ssh_known_hosts_timeout (integer)"
-msgstr "ssh_known_hosts_timeout (ціле число)"
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:819
-msgid ""
-"How many seconds to keep a host in the managed known_hosts file after its "
-"host keys were requested."
-msgstr ""
-"Кількість секунд, протягом яких запису вузла зберігатиметься у керованому "
-"файлі known_hosts після надсилання запиту щодо ключів вузла."
-
-#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:823
-msgid "Default: 180"
-msgstr "Типове значення: 180"
-
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:832
+#: sssd.conf.5.xml:828
msgid "SSH configuration options"
msgstr "Параметри налаштувань SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:834
+#: sssd.conf.5.xml:830
msgid "These options can be used to configure the SSH service."
msgstr "Цими параметрами можна скористатися для налаштування служби SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:838
+#: sssd.conf.5.xml:834
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:841
+#: sssd.conf.5.xml:837
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
"Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts."
-#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr "ssh_known_hosts_timeout (ціле число)"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+"Кількість секунд, протягом яких запису вузла зберігатиметься у керованому "
+"файлі known_hosts після надсилання запиту щодо ключів вузла."
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr "Типове значення: 180"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
msgid "PAC responder configuration options"
msgstr "Параметри налаштування відповідача PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:855
+#: sssd.conf.5.xml:863
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1421,7 +1437,7 @@ msgstr ""
"декодовано і визначено, виконуються деякі з таких дій:"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:864
+#: sssd.conf.5.xml:872
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
"calculated based on the SID, trusted domains will have UPGs and the gid will "
@@ -1439,7 +1455,7 @@ msgstr ""
"параметра default_shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:872
+#: sssd.conf.5.xml:880
msgid ""
"If there are SIDs of groups from the domain the sssd client belongs to, the "
"user will be added to those groups."
@@ -1448,18 +1464,18 @@ msgstr ""
"користувача буде додано до цих груп."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:878
+#: sssd.conf.5.xml:886
msgid "These options can be used to configure the PAC responder."
msgstr ""
"Цими параметрами можна скористатися для налаштовування відповідача PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:882
+#: sssd.conf.5.xml:890
msgid "allowed_uids (string)"
msgstr "allowed_uids (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:885
+#: sssd.conf.5.xml:893
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1470,14 +1486,14 @@ msgstr ""
"іменами користувачів визначатимуться під час запуску."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:891
+#: sssd.conf.5.xml:899
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Типове значення: 0 (доступ до відповідача PAC має лише адміністративний "
"користувач (root))"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:895
+#: sssd.conf.5.xml:903
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1491,17 +1507,17 @@ msgstr ""
"запис 0."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:909
+#: sssd.conf.5.xml:917
msgid "DOMAIN SECTIONS"
msgstr "РОЗДІЛИ ДОМЕНІВ"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:916
+#: sssd.conf.5.xml:924
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (ціле значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:919
+#: sssd.conf.5.xml:927
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1510,7 +1526,7 @@ msgstr ""
"відповідає цим обмеженням, його буде проігноровано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:924
+#: sssd.conf.5.xml:932
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1523,17 +1539,17 @@ msgstr ""
"основної групи і належать діапазону, буде виведено у звичайному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:931
+#: sssd.conf.5.xml:939
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:937
+#: sssd.conf.5.xml:945
msgid "enumerate (bool)"
msgstr "enumerate (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:940
+#: sssd.conf.5.xml:948
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1542,28 +1558,38 @@ msgstr ""
"значень:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:944
+#: sssd.conf.5.xml:952
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = користувачі і групи нумеруються"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:947
+#: sssd.conf.5.xml:955
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = не використовувати нумерацію для цього домену"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:950 sssd.conf.5.xml:1082 sssd.conf.5.xml:1184
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
msgid "Default: FALSE"
msgstr "Типове значення: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:953
+#: sssd.conf.5.xml:961
+#, fuzzy
+#| msgid ""
+#| "Note: Enabling enumeration has a moderate performance impact on SSSD "
+#| "while enumeration is running. It may take up to several minutes after "
+#| "SSSD startup to fully complete enumerations. During this time, "
+#| "individual requests for information will go directly to LDAP, though it "
+#| "may be slow, due to the heavy enumeration processing."
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
"to fully complete enumerations. During this time, individual requests for "
"information will go directly to LDAP, though it may be slow, due to the "
-"heavy enumeration processing."
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
msgstr ""
"Зауваження: вмикання нумерації помірно знизить швидкодію SSSD на час "
"виконання нумерації. Нумерація може тривати до декількох хвилин після "
@@ -1572,7 +1598,7 @@ msgstr ""
"системи виконанням нумерації."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:974
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1582,7 +1608,7 @@ msgstr ""
"завершено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:968
+#: sssd.conf.5.xml:979
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1595,13 +1621,20 @@ msgstr ""
"отримати додаткову інформацію, зверніться до сторінок довідника (man) "
"відповідного використаного засобу обробки ідентифікаторів (id_provider)."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:979
+#: sssd.conf.5.xml:1011
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:982
+#: sssd.conf.5.xml:1014
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1610,17 +1643,17 @@ msgstr ""
"надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1018
msgid "Default: 5400"
msgstr "Типове значення: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:992
+#: sssd.conf.5.xml:1024
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:995
+#: sssd.conf.5.xml:1027
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1629,18 +1662,18 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025
-#: sssd.conf.5.xml:1038 sssd.conf.5.xml:1051 sssd.conf.5.xml:1065
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
msgid "Default: entry_cache_timeout"
msgstr "Типове значення: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1005
+#: sssd.conf.5.xml:1037
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1008
+#: sssd.conf.5.xml:1040
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1649,12 +1682,12 @@ msgstr ""
"ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1018
+#: sssd.conf.5.xml:1050
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1021
+#: sssd.conf.5.xml:1053
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1663,12 +1696,12 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1031
+#: sssd.conf.5.xml:1063
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1034
+#: sssd.conf.5.xml:1066
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1677,12 +1710,12 @@ msgstr ""
"ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1044
+#: sssd.conf.5.xml:1076
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1047
+#: sssd.conf.5.xml:1079
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1691,12 +1724,12 @@ msgstr ""
"надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1089
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1060
+#: sssd.conf.5.xml:1092
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -1705,31 +1738,31 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1103
msgid "cache_credentials (bool)"
msgstr "cache_credentials (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1074
+#: sssd.conf.5.xml:1106
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Визначає, чи слід також кешувати реєстраційні дані користувача у локальному "
"кеші LDB"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1110
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у "
"форматі звичайного тексту"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1087
+#: sssd.conf.5.xml:1119
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1090
+#: sssd.conf.5.xml:1122
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1742,17 +1775,17 @@ msgstr ""
"offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1097
+#: sssd.conf.5.xml:1129
msgid "Default: 0 (unlimited)"
msgstr "Типове значення: 0 (без обмежень)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1102
+#: sssd.conf.5.xml:1134
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1113
+#: sssd.conf.5.xml:1145
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1765,17 +1798,17 @@ msgstr ""
"даних розпізнавання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1120
+#: sssd.conf.5.xml:1152
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1126
+#: sssd.conf.5.xml:1158
msgid "id_provider (string)"
msgstr "id_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129
+#: sssd.conf.5.xml:1161
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -1783,17 +1816,19 @@ msgstr ""
"Серед підтримуваних засобів такі:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1133
-msgid "proxy: Support a legacy NSS provider"
+#: sssd.conf.5.xml:1165
+#, fuzzy
+#| msgid "proxy: Support a legacy NSS provider"
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "proxy: підтримка застарілого модуля надання даних NSS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1136
+#: sssd.conf.5.xml:1168
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1140
+#: sssd.conf.5.xml:1172
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1804,8 +1839,8 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1148 sssd.conf.5.xml:1210 sssd.conf.5.xml:1261
-#: sssd.conf.5.xml:1314
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1818,8 +1853,8 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157 sssd.conf.5.xml:1219 sssd.conf.5.xml:1270
-#: sssd.conf.5.xml:1323
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1831,12 +1866,12 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1168
+#: sssd.conf.5.xml:1200
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1171
+#: sssd.conf.5.xml:1203
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -1846,7 +1881,7 @@ msgstr ""
"NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1208
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1859,12 +1894,32 @@ msgstr ""
"не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1189
+#: sssd.conf.5.xml:1221
+#, fuzzy
+#| msgid "ipa_netgroup_member_user (string)"
+msgid "ignore_group_members (bool)"
+msgstr "ipa_netgroup_member_user (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
msgid "auth_provider (string)"
msgstr "auth_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1192
+#: sssd.conf.5.xml:1241
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1873,7 +1928,7 @@ msgstr ""
"служб розпізнавання:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1196 sssd.conf.5.xml:1254
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1885,7 +1940,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1203
+#: sssd.conf.5.xml:1252
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1897,18 +1952,18 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1227
+#: sssd.conf.5.xml:1276
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1230
+#: sssd.conf.5.xml:1279
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> — вимкнути розпізнавання повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1233
+#: sssd.conf.5.xml:1282
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1917,12 +1972,12 @@ msgstr ""
"спосіб встановлено і можлива обробка запитів щодо розпізнавання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1239
+#: sssd.conf.5.xml:1288
msgid "access_provider (string)"
msgstr "access_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1242
+#: sssd.conf.5.xml:1291
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1933,7 +1988,7 @@ msgstr ""
"Вбудованими програмами є:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1248
+#: sssd.conf.5.xml:1297
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -1942,12 +1997,12 @@ msgstr ""
"доступу для локального домену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1251
+#: sssd.conf.5.xml:1300
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> — завжди забороняти доступ."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1278
+#: sssd.conf.5.xml:1327
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1960,17 +2015,17 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1285
+#: sssd.conf.5.xml:1334
msgid "Default: <quote>permit</quote>"
msgstr "Типове значення: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1290
+#: sssd.conf.5.xml:1339
msgid "chpass_provider (string)"
msgstr "chpass_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1293
+#: sssd.conf.5.xml:1342
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1979,7 +2034,7 @@ msgstr ""
"підтримку таких систем зміни паролів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1298
+#: sssd.conf.5.xml:1347
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1991,7 +2046,7 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1355
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2003,18 +2058,18 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1331
+#: sssd.conf.5.xml:1380
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1335
+#: sssd.conf.5.xml:1384
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1338
+#: sssd.conf.5.xml:1387
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -2023,19 +2078,19 @@ msgstr ""
"цього параметра і якщо система здатна обробляти запити щодо паролів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1345
+#: sssd.conf.5.xml:1394
msgid "sudo_provider (string)"
msgstr "sudo_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1348
+#: sssd.conf.5.xml:1397
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"Служба SUDO, яку використано для цього домену. Серед підтримуваних служб "
"SUDO:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1352
+#: sssd.conf.5.xml:1401
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2047,24 +2102,25 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1359
+#: sssd.conf.5.xml:1408
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote> явним чином вимикає SUDO."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1362 sssd.conf.5.xml:1444 sssd.conf.5.xml:1469
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Типове значення: використовується значення <quote>id_provider</quote>, якщо "
"його встановлено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1368
+#: sssd.conf.5.xml:1417
msgid "selinux_provider (string)"
msgstr "selinux_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1371
+#: sssd.conf.5.xml:1420
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2075,7 +2131,7 @@ msgstr ""
"доступу. Передбачено підтримку таких засобів надання даних SELinux:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1377
+#: sssd.conf.5.xml:1426
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2087,14 +2143,14 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1385
+#: sssd.conf.5.xml:1434
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
"<quote>none</quote> явним чином забороняє отримання даних щодо параметрів "
"SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1388
+#: sssd.conf.5.xml:1437
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2103,14 +2159,19 @@ msgstr ""
"спосіб встановлено і можлива обробка запитів щодо завантаження SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1394
+#: sssd.conf.5.xml:1443
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1397
+#: sssd.conf.5.xml:1446
+#, fuzzy
+#| msgid ""
+#| "The provider which should handle fetching of subdomains. This value "
+#| "should be always the same as id_provider. Supported subdomain providers "
+#| "are:"
msgid ""
-"The provider which should handle fetching of subdomains. This value should "
+"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
"Засіб надання даних, який має обробляти отримання даних піддоменів. Це "
@@ -2118,7 +2179,7 @@ msgstr ""
"підтримку таких засобів надання даних піддоменів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1402
+#: sssd.conf.5.xml:1452
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2130,22 +2191,17 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1461
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів."
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1413 sssd-ldap.5.xml:1564
-msgid "Default: none"
-msgstr "Типове значення: none"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1419
+#: sssd.conf.5.xml:1472
msgid "autofs_provider (string)"
msgstr "autofs_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1422
+#: sssd.conf.5.xml:1475
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2153,7 +2209,7 @@ msgstr ""
"autofs:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1426
+#: sssd.conf.5.xml:1479
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2165,7 +2221,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1433
+#: sssd.conf.5.xml:1486
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2177,17 +2233,17 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1441
+#: sssd.conf.5.xml:1494
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> вимикає autofs повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1451
+#: sssd.conf.5.xml:1504
msgid "hostid_provider (string)"
msgstr "hostid_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1454
+#: sssd.conf.5.xml:1507
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2196,7 +2252,7 @@ msgstr ""
"вузла. Серед підтримуваних засобів надання hostid:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1458
+#: sssd.conf.5.xml:1511
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2208,12 +2264,12 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1466
+#: sssd.conf.5.xml:1519
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> вимикає hostid повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1479
+#: sssd.conf.5.xml:1532
msgid ""
"Regular expression for this domain that describes how to parse the string "
"containing user name and domain into these components."
@@ -2222,7 +2278,7 @@ msgstr ""
"користувача і доменом на його частини."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1484
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2235,22 +2291,22 @@ msgstr ""
"різні стилі запису імен користувачів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1489
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr "користувач"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1492
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr "користувач@назва.домену"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1495
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr "домен\\користувач"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1498
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2259,7 +2315,7 @@ msgstr ""
"того, щоб полегшити інтеграцію користувачів з доменів Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1503
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2270,7 +2326,7 @@ msgstr ""
"домену — все після цього символу."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1509
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2282,7 +2338,7 @@ msgstr ""
"платформах з версією libpcre 7."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1516
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2292,7 +2348,7 @@ msgstr ""
"підшаблонів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1526
+#: sssd.conf.5.xml:1579
msgid ""
"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
"manvolnum> </citerefentry>-compatible format that describes how to translate "
@@ -2303,17 +2359,17 @@ msgstr ""
"кортежу (назва, домен) для цього домену у назву належного формату."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1534
+#: sssd.conf.5.xml:1587
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Типове значення: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1540
+#: sssd.conf.5.xml:1593
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1543
+#: sssd.conf.5.xml:1596
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2322,48 +2378,48 @@ msgstr ""
"під час виконання пошуків у DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1547
+#: sssd.conf.5.xml:1600
msgid "Supported values:"
msgstr "Передбачено підтримку таких значень:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1550
+#: sssd.conf.5.xml:1603
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі "
"спробувати формат IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1553
+#: sssd.conf.5.xml:1606
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1556
+#: sssd.conf.5.xml:1609
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі "
"спробувати формат IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1559
+#: sssd.conf.5.xml:1612
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1562
+#: sssd.conf.5.xml:1615
msgid "Default: ipv4_first"
msgstr "Типове значення: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1568
+#: sssd.conf.5.xml:1621
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1571
+#: sssd.conf.5.xml:1624
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2374,12 +2430,12 @@ msgstr ""
"очікування буде перевищено, домен продовжуватиме роботу у автономному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1583
+#: sssd.conf.5.xml:1636
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1586
+#: sssd.conf.5.xml:1639
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2388,28 +2444,28 @@ msgstr ""
"частину запиту визначення служб DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1590
+#: sssd.conf.5.xml:1643
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Типова поведінка: використовувати назву домену з назви вузла комп’ютера."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1596
+#: sssd.conf.5.xml:1649
msgid "override_gid (integer)"
msgstr "override_gid (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1599
+#: sssd.conf.5.xml:1652
msgid "Override the primary GID value with the one specified."
msgstr "Замірити значення основного GID на вказане."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1605
+#: sssd.conf.5.xml:1658
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1608
+#: sssd.conf.5.xml:1661
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
@@ -2418,17 +2474,17 @@ msgstr ""
"версії підтримку передбачено лише для локальних надавачів даних."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1613
+#: sssd.conf.5.xml:1666
msgid "Default: True"
msgstr "Типове значення: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1619
+#: sssd.conf.5.xml:1672
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1622
+#: sssd.conf.5.xml:1675
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2443,12 +2499,12 @@ msgstr ""
"у кеші, щоб пришвидшити надання результатів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1636
+#: sssd.conf.5.xml:1689
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1639
+#: sssd.conf.5.xml:1692
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values."
@@ -2458,7 +2514,7 @@ msgstr ""
"<emphasis>override_homedir</emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1644
+#: sssd.conf.5.xml:1697
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2466,12 +2522,12 @@ msgstr ""
"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1701
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Типове значення: <filename>/home/%d/%u</filename>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:911
+#: sssd.conf.5.xml:919
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2482,17 +2538,17 @@ msgstr ""
"quote> <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1660
+#: sssd.conf.5.xml:1713
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1663
+#: sssd.conf.5.xml:1716
msgid "The proxy target PAM proxies to."
msgstr "Комп’ютер, для якого виконує проксі-сервер PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1719
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2501,12 +2557,12 @@ msgstr ""
"налаштуваннями pam або створити нові і тут додати назву служби."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1674
+#: sssd.conf.5.xml:1727
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1677
+#: sssd.conf.5.xml:1730
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2517,7 +2573,7 @@ msgstr ""
"наприклад _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1656
+#: sssd.conf.5.xml:1709
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2526,12 +2582,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1689
+#: sssd.conf.5.xml:1742
msgid "The local domain section"
msgstr "Розділ локального домену"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1691
+#: sssd.conf.5.xml:1744
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2542,29 +2598,29 @@ msgstr ""
"використовує <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1698
+#: sssd.conf.5.xml:1751
msgid "default_shell (string)"
msgstr "default_shell (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1754
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"Типова оболонка для записів користувачів, створених за допомогою "
"інструментів простору користувачів SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1705
+#: sssd.conf.5.xml:1758
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Типове значення: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1710
+#: sssd.conf.5.xml:1763
msgid "base_directory (string)"
msgstr "base_directory (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1713
+#: sssd.conf.5.xml:1766
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2573,17 +2629,17 @@ msgstr ""
"replaceable> і використовують отриману адресу як адресу домашнього каталогу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1718
+#: sssd.conf.5.xml:1771
msgid "Default: <filename>/home</filename>"
msgstr "Типове значення: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1776
msgid "create_homedir (bool)"
msgstr "create_homedir (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1726
+#: sssd.conf.5.xml:1779
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2592,17 +2648,17 @@ msgstr ""
"Може бути перевизначено з командного рядка."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1730 sssd.conf.5.xml:1742
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
msgid "Default: TRUE"
msgstr "Типове значення: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1735
+#: sssd.conf.5.xml:1788
msgid "remove_homedir (bool)"
msgstr "remove_homedir (булівське значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1738
+#: sssd.conf.5.xml:1791
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2611,12 +2667,12 @@ msgstr ""
"користувачів. Може бути перевизначено з командного рядка."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1747
+#: sssd.conf.5.xml:1800
msgid "homedir_umask (integer)"
msgstr "homedir_umask (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1750
+#: sssd.conf.5.xml:1803
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2627,17 +2683,17 @@ msgstr ""
"до щойно створеного домашнього каталогу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1758
+#: sssd.conf.5.xml:1811
msgid "Default: 077"
msgstr "Типове значення: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1763
+#: sssd.conf.5.xml:1816
msgid "skel_dir (string)"
msgstr "skel_dir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1766
+#: sssd.conf.5.xml:1819
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2650,17 +2706,17 @@ msgstr ""
"<manvolnum>8</manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1829
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Типове значення: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1781
+#: sssd.conf.5.xml:1834
msgid "mail_dir (string)"
msgstr "mail_dir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1784
+#: sssd.conf.5.xml:1837
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2671,17 +2727,17 @@ msgstr ""
"каталог не вказано, буде використано типове значення."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1844
msgid "Default: <filename>/var/mail</filename>"
msgstr "Типове значення: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1796
+#: sssd.conf.5.xml:1849
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1799
+#: sssd.conf.5.xml:1852
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2692,18 +2748,18 @@ msgstr ""
"вилучається. Код виконання, повернутий програмою не обробляється."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1805
+#: sssd.conf.5.xml:1858
msgid "Default: None, no command is run"
msgstr "Типове значення: None, не виконувати жодних команд"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1815 sssd-ldap.5.xml:2259 sssd-simple.5.xml:126
-#: sssd-ipa.5.xml:583 sssd-ad.5.xml:228 sssd-krb5.5.xml:441
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
msgid "EXAMPLE"
msgstr "ПРИКЛАД"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1821
+#: sssd.conf.5.xml:1874
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2757,7 +2813,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1817
+#: sssd.conf.5.xml:1870
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2816,7 +2872,7 @@ msgstr ""
"більше про використання LDAP, як засобу керування доступом."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
#: sssd-krb5.5.xml:63
msgid "CONFIGURATION OPTIONS"
msgstr "ПАРАМЕТРИ НАЛАШТУВАННЯ"
@@ -3660,8 +3716,8 @@ msgstr "Атрибут LDAP, що відповідає повному імені
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1823 sssd-ldap.5.xml:2149
-#: sssd-ipa.5.xml:461
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
msgid "Default: cn"
msgstr "Типове значення: cn"
@@ -3676,7 +3732,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr "Атрибут LDAP зі списком груп, у яких бере участь користувач."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:365
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
msgid "Default: memberOf"
msgstr "Типове значення: memberOf"
@@ -3893,7 +3949,7 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1632 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr "Типове значення: False"
@@ -4107,6 +4163,7 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Типове значення: 6"
@@ -4185,7 +4242,7 @@ msgstr ""
"дії TGT)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:1980
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
msgid "Default: 900 (15 minutes)"
msgstr "Типове значення: 900 (15 хвилин)"
@@ -4523,26 +4580,53 @@ msgstr "ldap_sasl_authid (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:1418
+#, fuzzy
+#| msgid ""
+#| "Specify the SASL authorization id to use. When GSSAPI is used, this "
+#| "represents the Kerberos principal used for authentication to the "
+#| "directory."
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
-"represents the Kerberos principal used for authentication to the directory."
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
msgstr ""
"Визначає ідентифікатор уповноваження SASL, який слід використовувати. Якщо "
"використано GSSAPI, відповідає реєстраційному запису Kerberos, який "
"використовується для розпізнавання під час доступу до каталогу."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1423
+#: sssd-ldap.5.xml:1426
msgid "Default: host/hostname@REALM"
msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1429
+#: sssd-ldap.5.xml:1432
+#, fuzzy
+#| msgid "ldap_sasl_mech (string)"
+msgid "ldap_sasl_realm (string)"
+msgstr "ldap_sasl_mech (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1450
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
@@ -4552,34 +4636,34 @@ msgstr ""
"SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1437
+#: sssd-ldap.5.xml:1455
msgid "Default: false;"
msgstr "Типове значення: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1443
+#: sssd-ldap.5.xml:1461
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1446
+#: sssd-ldap.5.xml:1464
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1449
+#: sssd-ldap.5.xml:1467
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5."
"keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1473
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1458
+#: sssd-ldap.5.xml:1476
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4590,27 +4674,27 @@ msgstr ""
"механізм GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1470
+#: sssd-ldap.5.xml:1488
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1491
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "Визначає строк дії (у секундах) TGT, якщо використовується GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1477
+#: sssd-ldap.5.xml:1495
msgid "Default: 86400 (24 hours)"
msgstr "Типове значення: 86400 (24 години)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1483 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr "krb5_server, krb5_backup_server (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1486
+#: sssd-ldap.5.xml:1504
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4629,7 +4713,7 @@ msgstr ""
"про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1498 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4641,7 +4725,7 @@ msgstr ""
"вдасться знайти."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1503 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4652,29 +4736,29 @@ msgstr ""
"варто перейти на використання «krb5_server» у файлах налаштувань."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1512 sssd-ipa.5.xml:254 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1515
+#: sssd-ldap.5.xml:1533
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1518
+#: sssd-ldap.5.xml:1536
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</"
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1524 sssd-ipa.5.xml:269 sssd-krb5.5.xml:418
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1527
+#: sssd-ldap.5.xml:1545
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
@@ -4684,12 +4768,12 @@ msgstr ""
"версії MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1539
+#: sssd-ldap.5.xml:1557
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1542
+#: sssd-ldap.5.xml:1560
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4698,7 +4782,7 @@ msgstr ""
"використовувати такі значення:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1547
+#: sssd-ldap.5.xml:1565
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4707,7 +4791,7 @@ msgstr ""
"разі використання цього варіанта перевірку на боці сервера вимкнено не буде."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1552
+#: sssd-ldap.5.xml:1570
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -4718,7 +4802,7 @@ msgstr ""
"manvolnum></citerefentry> для визначення того, чи чинним є пароль."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1558
+#: sssd-ldap.5.xml:1576
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -4728,19 +4812,24 @@ msgstr ""
"для визначення завершення строку дії пароля. У разі зміни пароля "
"скористайтеся chpass_provider=krb5 для оновлення цих атрибутів."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr "Типове значення: none"
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1588
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1573
+#: sssd-ldap.5.xml:1591
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
"Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1577
+#: sssd-ldap.5.xml:1595
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -4749,7 +4838,7 @@ msgstr ""
"з версією OpenLDAP 2.4.13 або новішою версією."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1600
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4763,28 +4852,28 @@ msgstr ""
"«false» може значно пришвидшити роботу."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1596
+#: sssd-ldap.5.xml:1614
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1599
+#: sssd-ldap.5.xml:1617
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Визначає назву служби, яку буде використано у разі вмикання визначення служб."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1603
+#: sssd-ldap.5.xml:1621
msgid "Default: ldap"
msgstr "Типове значення: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1609
+#: sssd-ldap.5.xml:1627
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1612
+#: sssd-ldap.5.xml:1630
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4793,17 +4882,17 @@ msgstr ""
"уможливлює зміну паролів, у разі вмикання визначення служб."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1635
msgid "Default: not set, i.e. service discovery is disabled"
msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1623
+#: sssd-ldap.5.xml:1641
msgid "ldap_chpass_update_last_change (bool)"
msgstr "ldap_chpass_update_last_change (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1626
+#: sssd-ldap.5.xml:1644
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
@@ -4812,12 +4901,12 @@ msgstr ""
"щодо кількості днів з часу виконання дії зі зміни пароля."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1638
+#: sssd-ldap.5.xml:1656
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1659
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4835,12 +4924,12 @@ msgstr ""
"скористайтеся параметром access_provider = permit"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1653 sssd-ldap.5.xml:2209
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
msgid "Example:"
msgstr "Приклад:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1674
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4852,7 +4941,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1660
+#: sssd-ldap.5.xml:1678
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -4860,7 +4949,7 @@ msgstr ""
"У прикладі доступ до вузла обмежено учасниками групи «allowedusers» у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1665
+#: sssd-ldap.5.xml:1683
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4874,17 +4963,17 @@ msgstr ""
"таких прав не було надано, у автономному режимі їх також не буде надано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1673 sssd-ldap.5.xml:1723
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
msgid "Default: Empty"
msgstr "Типове значення: порожній рядок"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1679
+#: sssd-ldap.5.xml:1697
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1682
+#: sssd-ldap.5.xml:1700
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4893,7 +4982,7 @@ msgstr ""
"керування доступом на боці клієнта."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1686
+#: sssd-ldap.5.xml:1704
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4904,12 +4993,12 @@ msgstr ""
"з відповідним кодом помилки, навіть якщо вказано правильний пароль."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1693
+#: sssd-ldap.5.xml:1711
msgid "The following values are allowed:"
msgstr "Можна використовувати такі значення:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1696
+#: sssd-ldap.5.xml:1714
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -4918,7 +5007,7 @@ msgstr ""
"визначити, чи завершено строк дії облікового запису."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1701
+#: sssd-ldap.5.xml:1719
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4931,7 +5020,7 @@ msgstr ""
"Також буде перевірено, чи не вичерпано строк дії облікового запису."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1708
+#: sssd-ldap.5.xml:1726
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4942,7 +5031,7 @@ msgstr ""
"ldap_ns_account_lock."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1732
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4955,30 +5044,30 @@ msgstr ""
"атрибутів, надати доступ."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1729
+#: sssd-ldap.5.xml:1747
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1750
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"Список відокремлених комами параметрів керування доступом. Можливі значення "
"списку:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1736
+#: sssd-ldap.5.xml:1754
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1739
+#: sssd-ldap.5.xml:1757
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
"<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1743
+#: sssd-ldap.5.xml:1761
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -4987,19 +5076,19 @@ msgstr ""
"можливості доступу атрибут authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1748
+#: sssd-ldap.5.xml:1766
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити "
"права доступу"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1752
+#: sssd-ldap.5.xml:1770
msgid "Default: filter"
msgstr "Типове значення: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1755
+#: sssd-ldap.5.xml:1773
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5008,12 +5097,12 @@ msgstr ""
"використано декілька разів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1762
+#: sssd-ldap.5.xml:1780
msgid "ldap_deref (string)"
msgstr "ldap_deref (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1765
+#: sssd-ldap.5.xml:1783
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5022,13 +5111,13 @@ msgstr ""
"пошуку. Можливі такі варіанти:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1788
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1774
+#: sssd-ldap.5.xml:1792
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5038,7 +5127,7 @@ msgstr ""
"пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1779
+#: sssd-ldap.5.xml:1797
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5047,7 +5136,7 @@ msgstr ""
"під час визначення місця основного об’єкта пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1784
+#: sssd-ldap.5.xml:1802
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5056,7 +5145,7 @@ msgstr ""
"час пошуку, так і під час визначення місця основного об’єкта пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1789
+#: sssd-ldap.5.xml:1807
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5064,6 +5153,39 @@ msgstr ""
"Типове значення: не встановлено (обробка бібліотеками LDAP клієнта за "
"сценарієм <emphasis>never</emphasis>)"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+#, fuzzy
+#| msgid "ldap_krb5_init_creds (boolean)"
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr "ldap_krb5_init_creds (булеве значення)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ldap.5.xml:51
msgid ""
@@ -5080,57 +5202,57 @@ msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1800
+#: sssd-ldap.5.xml:1849
msgid "SUDO OPTIONS"
msgstr "ПАРАМЕТРИ SUDO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1804
+#: sssd-ldap.5.xml:1853
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1856
msgid "The object class of a sudo rule entry in LDAP."
msgstr "Клас об’єктів запису правила sudo у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1810
+#: sssd-ldap.5.xml:1859
msgid "Default: sudoRole"
msgstr "Типове значення: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1816
+#: sssd-ldap.5.xml:1865
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1819
+#: sssd-ldap.5.xml:1868
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "Атрибут LDAP, що відповідає назві правила sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1829
+#: sssd-ldap.5.xml:1878
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1832
+#: sssd-ldap.5.xml:1881
msgid "The LDAP attribute that corresponds to the command name."
msgstr "Атрибут LDAP, що відповідає назві команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1836
+#: sssd-ldap.5.xml:1885
msgid "Default: sudoCommand"
msgstr "Типове значення: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1842
+#: sssd-ldap.5.xml:1891
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1845
+#: sssd-ldap.5.xml:1894
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -5139,17 +5261,17 @@ msgstr ""
"вузла, мережевій групі вузла)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1850
+#: sssd-ldap.5.xml:1899
msgid "Default: sudoHost"
msgstr "Типове значення: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1905
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1908
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -5158,32 +5280,32 @@ msgstr ""
"або назві мережевої групи користувача)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1863
+#: sssd-ldap.5.xml:1912
msgid "Default: sudoUser"
msgstr "Типове значення: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1869
+#: sssd-ldap.5.xml:1918
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1872
+#: sssd-ldap.5.xml:1921
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "Атрибут LDAP, що відповідає параметрам sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1876
+#: sssd-ldap.5.xml:1925
msgid "Default: sudoOption"
msgstr "Типове значення: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1882
+#: sssd-ldap.5.xml:1931
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1934
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -5192,17 +5314,17 @@ msgstr ""
"команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1889
+#: sssd-ldap.5.xml:1938
msgid "Default: sudoRunAsUser"
msgstr "Типове значення: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1895
+#: sssd-ldap.5.xml:1944
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1898
+#: sssd-ldap.5.xml:1947
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -5211,17 +5333,17 @@ msgstr ""
"виконувати команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1902
+#: sssd-ldap.5.xml:1951
msgid "Default: sudoRunAsGroup"
msgstr "Типове значення: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1957
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1911
+#: sssd-ldap.5.xml:1960
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -5229,49 +5351,49 @@ msgstr ""
"Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1915
+#: sssd-ldap.5.xml:1964
msgid "Default: sudoNotBefore"
msgstr "Типове значення: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1970
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1924
+#: sssd-ldap.5.xml:1973
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1929
+#: sssd-ldap.5.xml:1978
msgid "Default: sudoNotAfter"
msgstr "Типове значення: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1935
+#: sssd-ldap.5.xml:1984
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:1987
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "Атрибут LDAP, що відповідає порядковому номеру правила."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1942
+#: sssd-ldap.5.xml:1991
msgid "Default: sudoOrder"
msgstr "Типове значення: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1948
+#: sssd-ldap.5.xml:1997
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2000
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -5281,7 +5403,7 @@ msgstr ""
"набір правил, що зберігаються на сервері."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1956
+#: sssd-ldap.5.xml:2005
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -5290,17 +5412,17 @@ msgstr ""
"<emphasis>ldap_sudo_smart_refresh_interval </emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1961
+#: sssd-ldap.5.xml:2010
msgid "Default: 21600 (6 hours)"
msgstr "Типове значення: 21600 (6 годин)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1967
+#: sssd-ldap.5.xml:2016
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2019
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5311,7 +5433,7 @@ msgstr ""
"правил, USN яких перевищує найбільше значення USN у кешованих правилах."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1976
+#: sssd-ldap.5.xml:2025
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -5320,12 +5442,12 @@ msgstr ""
"дані атрибута modifyTimestamp."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1986
+#: sssd-ldap.5.xml:2035
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1989
+#: sssd-ldap.5.xml:2038
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -5335,12 +5457,12 @@ msgstr ""
"назв вузлів)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2049
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2003
+#: sssd-ldap.5.xml:2052
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -5349,7 +5471,7 @@ msgstr ""
"фільтрування списку правил."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2008
+#: sssd-ldap.5.xml:2057
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -5358,8 +5480,8 @@ msgstr ""
"назву вузла та повну назву комп’ютера у домені у автоматичному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2013 sssd-ldap.5.xml:2036 sssd-ldap.5.xml:2054
-#: sssd-ldap.5.xml:2072
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -5368,17 +5490,17 @@ msgstr ""
"<emphasis>false</emphasis>, цей параметр ні на що не впливатиме."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2018 sssd-ldap.5.xml:2041
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
msgid "Default: not specified"
msgstr "Типове значення: не вказано"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2024
+#: sssd-ldap.5.xml:2073
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2027
+#: sssd-ldap.5.xml:2076
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -5387,7 +5509,7 @@ msgstr ""
"правил."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2032
+#: sssd-ldap.5.xml:2081
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -5396,12 +5518,12 @@ msgstr ""
"адресу у автоматичному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2047
+#: sssd-ldap.5.xml:2096
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2050
+#: sssd-ldap.5.xml:2099
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -5410,26 +5532,30 @@ msgstr ""
"мережеву групу (netgroup) у атрибуті sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2065
+#: sssd-ldap.5.xml:2114
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2068
+#: sssd-ldap.5.xml:2117
+#, fuzzy
+#| msgid ""
+#| "If true then SSSD will download every rule that contains a netgroup in "
+#| "sudoHost attribute."
msgid ""
-"If true then SSSD will download every rule that contains a regular "
-"expression in sudoHost attribute."
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
msgstr ""
"Якщо вказано значення true, SSSD отримуватиме всі правила, що містять "
-"формальний вираз у атрибуті sudoHost."
+"мережеву групу (netgroup) у атрибуті sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1851
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2084
+#: sssd-ldap.5.xml:2133
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5442,12 +5568,12 @@ msgstr ""
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2094
+#: sssd-ldap.5.xml:2143
msgid "AUTOFS OPTIONS"
msgstr "ПАРАМЕТРИ AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2145
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -5456,47 +5582,47 @@ msgstr ""
"визначено у RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2102
+#: sssd-ldap.5.xml:2151
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2105 sssd-ldap.5.xml:2131
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
msgid "The object class of an automount map entry in LDAP."
msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2135
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
msgid "Default: automountMap"
msgstr "Типове значення: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2115
+#: sssd-ldap.5.xml:2164
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2118
+#: sssd-ldap.5.xml:2167
msgid "The name of an automount map entry in LDAP."
msgstr "Назва запису карти автоматичного монтування у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2170
msgid "Default: ou"
msgstr "Типове значення: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2128
+#: sssd-ldap.5.xml:2177
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2142
+#: sssd-ldap.5.xml:2191
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2145 sssd-ldap.5.xml:2159
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -5505,17 +5631,17 @@ msgstr ""
"точні монтування."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2156
+#: sssd-ldap.5.xml:2205
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2163
+#: sssd-ldap.5.xml:2212
msgid "Default: automountInformation"
msgstr "Типове значення: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2100
+#: sssd-ldap.5.xml:2149
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5528,32 +5654,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2222
msgid "ADVANCED OPTIONS"
msgstr "ДОДАТКОВІ ПАРАМЕТРИ"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2229
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2185
+#: sssd-ldap.5.xml:2234
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2190
+#: sssd-ldap.5.xml:2239
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2195
+#: sssd-ldap.5.xml:2244
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2198
+#: sssd-ldap.5.xml:2247
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
@@ -5562,7 +5688,7 @@ msgstr ""
"фільтрування LDAP, яким буде обмежено пошук користувачів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2202
+#: sssd-ldap.5.xml:2251
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
@@ -5571,7 +5697,7 @@ msgstr ""
"використовувати синтаксичні конструкції з ldap_user_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2261
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5581,7 +5707,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2215
+#: sssd-ldap.5.xml:2264
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
@@ -5590,12 +5716,12 @@ msgstr ""
"яких встановлено командну оболонку /bin/tcsh."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2271
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2225
+#: sssd-ldap.5.xml:2274
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
@@ -5604,7 +5730,7 @@ msgstr ""
"фільтрування LDAP, яким буде обмежено пошук груп."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2278
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
@@ -5613,17 +5739,17 @@ msgstr ""
"використовувати синтаксичні конструкції з ldap_group_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2288
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2293
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2175
+#: sssd-ldap.5.xml:2224
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5634,7 +5760,7 @@ msgstr ""
"відомі наслідки ваших дій. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2310
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5645,8 +5771,17 @@ msgstr ""
"</replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2267
-#, no-wrap
+#: sssd-ldap.5.xml:2316
+#, fuzzy, no-wrap
+#| msgid ""
+#| " [domain/LDAP]\n"
+#| " id_provider = ldap\n"
+#| " auth_provider = ldap\n"
+#| " ldap_uri = ldap://ldap.mydomain.org\n"
+#| " ldap_search_base = dc=mydomain,dc=org\n"
+#| " ldap_tls_reqcert = demand\n"
+#| " cache_credentials = true\n"
+#| " enumerate = true\n"
msgid ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -5655,7 +5790,6 @@ msgid ""
" ldap_search_base = dc=mydomain,dc=org\n"
" ldap_tls_reqcert = demand\n"
" cache_credentials = true\n"
-" enumerate = true\n"
msgstr ""
" [domain/LDAP]\n"
" id_provider = ldap\n"
@@ -5667,19 +5801,20 @@ msgstr ""
" enumerate = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2266 sssd-simple.5.xml:134 sssd-ipa.5.xml:591
-#: sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2280 sssd_krb5_locator_plugin.8.xml:61 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "ЗАУВАЖЕННЯ"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2282
+#: sssd-ldap.5.xml:2330
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6078,7 +6213,7 @@ msgstr ""
"обробляються."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
msgid ""
"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -6093,6 +6228,14 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-simple.5.xml:120
msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
"Please note that it is an configuration error if both, simple_allow_users "
"and simple_deny_users, are defined."
msgstr ""
@@ -6100,7 +6243,7 @@ msgstr ""
"simple_deny_users, є помилкою у налаштуванні."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-simple.5.xml:128
+#: sssd-simple.5.xml:133
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6112,7 +6255,7 @@ msgstr ""
"доступу."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-simple.5.xml:135
+#: sssd-simple.5.xml:140
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -6190,13 +6333,21 @@ msgstr ""
"вузлів). Докладнішу інформацію щодо HBAC можна отримати на сайті freeipa."
"org. У налаштуванні керування доступом на боці клієнта немає потреби."
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:72
+#: sssd-ipa.5.xml:78
msgid "ipa_domain (string)"
msgstr "ipa_domain (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:75
+#: sssd-ipa.5.xml:81
msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
@@ -6205,12 +6356,12 @@ msgstr ""
"використано назву домену з налаштувань."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:83
+#: sssd-ipa.5.xml:89
msgid "ipa_server, ipa_backup_server (string)"
msgstr "ipa_server, ipa_backup_server (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:86
+#: sssd-ipa.5.xml:92
msgid ""
"The comma-separated list of IP addresses or hostnames of the IPA servers to "
"which SSSD should connect in the order of preference. For more information "
@@ -6226,12 +6377,12 @@ msgstr ""
"СЛУЖБ»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:99
+#: sssd-ipa.5.xml:105
msgid "ipa_hostname (string)"
msgstr "ipa_hostname (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:102
+#: sssd-ipa.5.xml:108
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
@@ -6241,12 +6392,12 @@ msgstr ""
"цього вузла."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:110
+#: sssd-ipa.5.xml:116
msgid "ipa_dyndns_update (boolean)"
msgstr "ipa_dyndns_update (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:113
+#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
"built into FreeIPA v2 with the IP address of this client."
@@ -6256,7 +6407,7 @@ msgstr ""
"клієнтського комп’ютера."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:118
+#: sssd-ipa.5.xml:124
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
@@ -6266,12 +6417,34 @@ msgstr ""
"у /etc/krb5.conf"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:135
+#, fuzzy
+#| msgid "pam_id_timeout (integer)"
+msgid "ipa_dyndns_ttl (integer)"
+msgstr "pam_id_timeout (ціле число)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+#, fuzzy
+#| msgid "Default: 5 (seconds)"
+msgid "Default: 1200 (seconds)"
+msgstr "Типове значення: 5 (секунд)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
msgid "ipa_dyndns_iface (string)"
msgstr "ipa_dyndns_iface (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:132
+#: sssd-ipa.5.xml:152
msgid ""
"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
"interface whose IP address should be used for dynamic DNS updates."
@@ -6281,40 +6454,40 @@ msgstr ""
"оновлень DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:137
+#: sssd-ipa.5.xml:157
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "Типове значення: використовувати IP-адресу з’єднання LDAP IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:143
+#: sssd-ipa.5.xml:163
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:146
+#: sssd-ipa.5.xml:166
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку пов’язаних з "
"HBAC об’єктів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:150
+#: sssd-ipa.5.xml:170
msgid "Default: Use base DN"
msgstr "Типове значення: використання базової назви домену"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:156
+#: sssd-ipa.5.xml:176
msgid "ipa_host_search_base (string)"
msgstr "ipa_host_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:159
+#: sssd-ipa.5.xml:179
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:163 sssd-ipa.5.xml:187 sssd-ipa.5.xml:206 sssd-ipa.5.xml:225
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
@@ -6323,7 +6496,7 @@ msgstr ""
"налаштування декількох основ пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:168
+#: sssd-ipa.5.xml:188
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -6334,64 +6507,64 @@ msgstr ""
"проігноровано."
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:173 sssd-ipa.5.xml:192 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:180
+#: sssd-ipa.5.xml:200
msgid "ipa_selinux_search_base (string)"
msgstr "ipa_selinux_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:183
+#: sssd-ipa.5.xml:203
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку карт "
"користувачів SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:199
+#: sssd-ipa.5.xml:219
msgid "ipa_subdomains_search_base (string)"
msgstr "ipa_subdomains_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:202
+#: sssd-ipa.5.xml:222
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку надійних доменів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:211
+#: sssd-ipa.5.xml:231
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "Типове значення: значення <emphasis>cn=trusts,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:218
+#: sssd-ipa.5.xml:238
msgid "ipa_master_domain_search_base (string)"
msgstr "ipa_master_domain_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:221
+#: sssd-ipa.5.xml:241
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку основного "
"об’єкта домену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:230
+#: sssd-ipa.5.xml:250
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
"Типове значення: значення виразу <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:237 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:240
+#: sssd-ipa.5.xml:260
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
@@ -6399,7 +6572,7 @@ msgstr ""
"Перевірити за допомогою krb5_keytab, чи не було підмінено отриманий TGT."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:247
+#: sssd-ipa.5.xml:267
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -6408,7 +6581,7 @@ msgstr ""
"модуля Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:257
+#: sssd-ipa.5.xml:277
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
@@ -6417,7 +6590,7 @@ msgstr ""
"«ipa_domain»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:261
+#: sssd-ipa.5.xml:281
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
@@ -6426,7 +6599,7 @@ msgstr ""
"перетворено у основний DN для виконання дій LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:292
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -6437,12 +6610,12 @@ msgstr ""
"запитів AS. Цю можливість передбачено з версії MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:285
+#: sssd-ipa.5.xml:305
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:288
+#: sssd-ipa.5.xml:308
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6453,17 +6626,40 @@ msgstr ""
"короткого періоду часу надходить багато запитів щодо керування доступом."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:295
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
msgid "Default: 5 (seconds)"
msgstr "Типове значення: 5 (секунд)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:300
+#: sssd-ipa.5.xml:321
+#, fuzzy
+#| msgid "ipa_hbac_refresh (integer)"
+msgid "ipa_hbac_selinux (integer)"
+msgstr "ipa_hbac_refresh (ціле число)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+#, fuzzy
+#| msgid ""
+#| "The amount of time between lookups of the HBAC rules against the IPA "
+#| "server. This will reduce the latency and load on the IPA server if there "
+#| "are many access-control requests made in a short period."
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+"Проміжок часу між послідовними пошуками правил HBAC щодо сервера IPA. Зміна "
+"може зменшити час затримки та навантаження на сервер IPA, якщо протягом "
+"короткого періоду часу надходить багато запитів щодо керування доступом."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:303
+#: sssd-ipa.5.xml:340
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -6477,7 +6673,7 @@ msgstr ""
"періоду передбачено два режими обробки таких правил:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:349
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
@@ -6486,7 +6682,7 @@ msgstr ""
"DENY, всім користувачам доступ буде заборонено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:317
+#: sssd-ipa.5.xml:354
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
@@ -6496,17 +6692,17 @@ msgstr ""
"небажаним користувачам."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:322
+#: sssd-ipa.5.xml:359
msgid "Default: DENY_ALL"
msgstr "Типове значення: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:327
+#: sssd-ipa.5.xml:364
msgid "ipa_hbac_support_srchost (boolean)"
msgstr "ipa_hbac_support_srchost (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:330
+#: sssd-ipa.5.xml:367
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
@@ -6515,7 +6711,7 @@ msgstr ""
"даних PAM, буде проігноровано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:371
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
@@ -6525,38 +6721,38 @@ msgstr ""
"буде проігноровано;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:345
+#: sssd-ipa.5.xml:382
msgid "ipa_automount_location (string)"
msgstr "ipa_automount_location (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:348
+#: sssd-ipa.5.xml:385
msgid "The automounter location this IPA client will be using"
msgstr ""
"Адреса автоматичного монтування, яку буде використовувати цей клієнт IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:351
+#: sssd-ipa.5.xml:388
msgid "Default: The location named \"default\""
msgstr "Типове значення: адреса з назвою \"default\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:358
+#: sssd-ipa.5.xml:395
msgid "ipa_netgroup_member_of (string)"
msgstr "ipa_netgroup_member_of (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:361
+#: sssd-ipa.5.xml:398
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr "Атрибут LDAP зі списком учасників мережевої групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:407
msgid "ipa_netgroup_member_user (string)"
msgstr "ipa_netgroup_member_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:373
+#: sssd-ipa.5.xml:410
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
@@ -6565,17 +6761,17 @@ msgstr ""
"учасниками мережевої групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:378 sssd-ipa.5.xml:473
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
msgid "Default: memberUser"
msgstr "Типове значення: memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:383
+#: sssd-ipa.5.xml:420
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:386
+#: sssd-ipa.5.xml:423
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
@@ -6584,17 +6780,17 @@ msgstr ""
"учасниками мережевої групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:390 sssd-ipa.5.xml:485
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
msgid "Default: memberHost"
msgstr "Типове значення: memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:395
+#: sssd-ipa.5.xml:432
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:435
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
@@ -6603,78 +6799,78 @@ msgstr ""
"мережевої групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:402
+#: sssd-ipa.5.xml:439
msgid "Default: externalHost"
msgstr "Типове значення: externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:407
+#: sssd-ipa.5.xml:444
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:410
+#: sssd-ipa.5.xml:447
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
"Атрибут LDAP, у якому міститься доменна назва NIS мережевої групи (netgroup)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:451
msgid "Default: nisDomainName"
msgstr "Типове значення: nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:420
+#: sssd-ipa.5.xml:457
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:423 sssd-ipa.5.xml:446
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
msgid "The object class of a host entry in LDAP."
msgstr "Клас об’єктів запису вузла у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:426 sssd-ipa.5.xml:449
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
msgid "Default: ipaHost"
msgstr "Типове значення: ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:431
+#: sssd-ipa.5.xml:468
msgid "ipa_host_fqdn (string)"
msgstr "ipa_host_fqdn (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:434
+#: sssd-ipa.5.xml:471
msgid "The LDAP attribute that contains FQDN of the host."
msgstr "Атрибут LDAP, що містить FQDN вузла."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:437
+#: sssd-ipa.5.xml:474
msgid "Default: fqdn"
msgstr "Типове значення: fqdn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:443
+#: sssd-ipa.5.xml:480
msgid "ipa_selinux_usermap_object_class (string)"
msgstr "ipa_selinux_usermap_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:454
+#: sssd-ipa.5.xml:491
msgid "ipa_selinux_usermap_name (string)"
msgstr "ipa_selinux_usermap_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:494
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr "Атрибут LDAP, що містить назву карти користувачів SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:466
+#: sssd-ipa.5.xml:503
msgid "ipa_selinux_usermap_member_user (string)"
msgstr "ipa_selinux_usermap_member_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:469
+#: sssd-ipa.5.xml:506
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
@@ -6682,12 +6878,12 @@ msgstr ""
"правило."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:515
msgid "ipa_selinux_usermap_member_host (string)"
msgstr "ipa_selinux_usermap_member_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:518
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
@@ -6696,12 +6892,12 @@ msgstr ""
"це правило."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:490
+#: sssd-ipa.5.xml:527
msgid "ipa_selinux_usermap_see_also (string)"
msgstr "ipa_selinux_usermap_see_also (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:493
+#: sssd-ipa.5.xml:530
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
@@ -6710,32 +6906,32 @@ msgstr ""
"для встановлення відповідності замість memberUser і memberHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:498
+#: sssd-ipa.5.xml:535
msgid "Default: seeAlso"
msgstr "Типове значення: seeAlso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:540
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr "ipa_selinux_usermap_selinux_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:506
+#: sssd-ipa.5.xml:543
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr "Атрибут LDAP, який містить сам рядок користувача SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:510
+#: sssd-ipa.5.xml:547
msgid "Default: ipaSELinuxUser"
msgstr "Типове значення: ipaSELinuxUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:515
+#: sssd-ipa.5.xml:552
msgid "ipa_selinux_usermap_enabled (string)"
msgstr "ipa_selinux_usermap_enabled (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:518
+#: sssd-ipa.5.xml:555
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
@@ -6744,72 +6940,104 @@ msgstr ""
"користувачів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:522
+#: sssd-ipa.5.xml:559
msgid "Default: ipaEnabledFlag"
msgstr "Типове значення: ipaEnabledFlag"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:527
+#: sssd-ipa.5.xml:564
msgid "ipa_selinux_usermap_user_category (string)"
msgstr "ipa_selinux_usermap_user_category (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:530
+#: sssd-ipa.5.xml:567
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr "Атрибут LDAP, що містить категорію користувачів, зокрема 'all'."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:534
+#: sssd-ipa.5.xml:571
msgid "Default: userCategory"
msgstr "Типове значення: userCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:539
+#: sssd-ipa.5.xml:576
msgid "ipa_selinux_usermap_host_category (string)"
msgstr "ipa_selinux_usermap_host_category (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:542
+#: sssd-ipa.5.xml:579
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr "Атрибут LDAP, що містить категорію вузлів, зокрема 'all'."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:546
+#: sssd-ipa.5.xml:583
msgid "Default: hostCategory"
msgstr "Типове значення: hostCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:551
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_uuid (string)"
msgstr "ipa_selinux_usermap_uuid (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:554
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr "Атрибут LDAP, що містить унікальний ідентифікатор карти користувачів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:558
+#: sssd-ipa.5.xml:595
msgid "Default: ipaUniqueID"
msgstr "Типове значення: ipaUniqueID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:563
+#: sssd-ipa.5.xml:600
msgid "ipa_host_ssh_public_key (string)"
msgstr "ipa_host_ssh_public_key (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:566
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr "Атрибут LDAP, який містить відкриті ключі SSH вузла."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:570
+#: sssd-ipa.5.xml:607
msgid "Default: ipaSshPubKey"
msgstr "Типове значення: ipaSshPubKey"
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:585
+#: sssd-ipa.5.xml:645
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6821,7 +7049,7 @@ msgstr ""
"ipa."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:592
+#: sssd-ipa.5.xml:652
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -7011,7 +7239,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:230
+#: sssd-ad.5.xml:231
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7022,7 +7250,7 @@ msgstr ""
"У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:237
+#: sssd-ad.5.xml:238
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -7045,11 +7273,35 @@ msgstr ""
"ad_hostname = client.example.com\n"
"ad_domain = example.com\n"
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
msgid "sssd-sudo"
msgstr "sssd-sudo"
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+#, fuzzy
+#| msgid "Configuring sudo to cooperate with SSSD"
+msgid "Configuring sudo with the SSSD back end"
+msgstr "Налаштовування sudo на співпрацю з SSSD"
+
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-sudo.5.xml:23
msgid ""
@@ -7307,8 +7559,8 @@ msgstr "ключове слово ALL"
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:168
-msgid "regular expression"
-msgstr "формальний вираз"
+msgid "wildcard"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
#: sssd-sudo.5.xml:173
@@ -9596,12 +9848,21 @@ msgstr ""
#. type: Content of: <refsect1><refsect2><para>
#: include/failover.xml:16
+#, fuzzy
+#| msgid ""
+#| "For each failover-enabled config option, two variants exist: "
+#| "<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea "
+#| "is that servers in the primary list are preferred and backup servers are "
+#| "only searched if no primary servers can be reached. If a backup server is "
+#| "selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+#| "periodically try to reconnect to one of the primary servers. If it "
+#| "succeeds, it will replace the current active (backup) server."
msgid ""
"For each failover-enabled config option, two variants exist: "
"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
"that servers in the primary list are preferred and backup servers are only "
"searched if no primary servers can be reached. If a backup server is "
-"selected, a timeout of 30 seconds is set. After this timeout SSSD will "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
"periodically try to reconnect to one of the primary servers. If it succeeds, "
"it will replace the current active (backup) server."
msgstr ""
@@ -10157,6 +10418,45 @@ msgstr "ТАКОЖ ПЕРЕГЛЯНЬТЕ"
#. type: Content of: <refsect1><para>
#: include/seealso.xml:4
+#, fuzzy
+#| msgid ""
+#| "<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+#| "refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+#| "citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+#| "<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+#| "refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+#| "manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> "
+#| "<citerefentry> <refentrytitle>sss_ssh_authorizedkeys</refentrytitle> "
+#| "<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+#| "<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+#| "manvolnum> </citerefentry>, </phrase> <citerefentry> "
+#| "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> </"
+#| "citerefentry>."
msgid ""
"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
@@ -10191,7 +10491,7 @@ msgid ""
"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, <citerefentry> "
-"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> <manvolnum>8</"
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
msgstr ""
@@ -10301,3 +10601,13 @@ msgstr ""
"лише під час запуску, отже якщо до ssd.conf внесено будь-які пов’язані з "
"autofs зміни, типово слід перезапустити фонову службу автоматичного "
"монтування після перезапуску SSSD."
+
+#~ msgid ""
+#~ "If true then SSSD will download every rule that contains a regular "
+#~ "expression in sudoHost attribute."
+#~ msgstr ""
+#~ "Якщо вказано значення true, SSSD отримуватиме всі правила, що містять "
+#~ "формальний вираз у атрибуті sudoHost."
+
+#~ msgid "regular expression"
+#~ msgstr "формальний вираз"
diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po
new file mode 100644
index 000000000..65de0d4d1
--- /dev/null
+++ b/src/man/po/zh_CN.po
@@ -0,0 +1,8398 @@
+# SOME DESCRIPTIVE TITLE
+# Copyright (C) YEAR Red Hat
+# This file is distributed under the same license as the sssd-docs package.
+#
+# Translators:
+# Christopher Meng <cickumqt@gmail.com>, 2012.
+msgid ""
+msgstr ""
+"Project-Id-Version: SSSD\n"
+"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
+"POT-Creation-Date: 2013-04-02 18:27+0300\n"
+"PO-Revision-Date: 2012-12-24 06:39+0000\n"
+"Last-Translator: Christopher Meng <cickumqt@gmail.com>\n"
+"Language-Team: Chinese (China) <trans-zh_cn@lists.fedoraproject.org>\n"
+"Language: zh_CN\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=1; plural=0;\n"
+
+#. type: Content of: <reference><title>
+#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5
+#: sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5
+#: sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5
+#: sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5
+#: sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5
+#: sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5
+#: sss_seed.8.xml:5 sss_ssh_authorizedkeys.1.xml:5
+#: sss_ssh_knownhostsproxy.1.xml:5
+msgid "SSSD Manual pages"
+msgstr "SSSD 手册页面"
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15
+msgid "sss_groupmod"
+msgstr "sss_groupmod"
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11
+#: sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11
+#: sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11
+#: sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11
+#: sss_debuglevel.8.xml:11 sss_seed.8.xml:11
+msgid "8"
+msgstr "8"
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupmod.8.xml:16
+msgid "modify a group"
+msgstr "变更一个组"
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupmod.8.xml:21
+msgid ""
+"<command>sss_groupmod</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44
+#: sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21
+#: sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30
+#: sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30
+#: sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30
+#: sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30
+#: sss_seed.8.xml:31 sss_ssh_authorizedkeys.1.xml:30
+#: sss_ssh_knownhostsproxy.1.xml:31
+msgid "DESCRIPTION"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupmod.8.xml:32
+msgid ""
+"<command>sss_groupmod</command> modifies the group to reflect the changes "
+"that are specified on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58
+#: sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39
+#: sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39
+#: sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42
+#: sss_ssh_authorizedkeys.1.xml:75 sss_ssh_knownhostsproxy.1.xml:62
+msgid "OPTIONS"
+msgstr "选项"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:43 sss_usermod.8.xml:77
+msgid ""
+"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+"<option>-a</option>,<option>--append-group</option> <replaceable>GROUPS</"
+"replaceable>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:48
+msgid ""
+"Append this group to groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
+"a comma separated list of group names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupmod.8.xml:57 sss_usermod.8.xml:91
+msgid ""
+"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+"<option>-r</option>,<option>--remove-group</option> <replaceable>GROUPS</"
+"replaceable>"
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupmod.8.xml:62
+msgid ""
+"Remove this group from groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter."
+msgstr ""
+"Remove this group from groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter."
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.conf.5.xml:10 sssd.conf.5.xml:16
+msgid "sssd.conf"
+msgstr "sssd.conf"
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11
+#: sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11
+msgid "5"
+msgstr "5"
+
+#. type: Content of: <reference><refentry><refmeta><refmiscinfo>
+#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12
+#: sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12
+msgid "File Formats and Conventions"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16
+#: sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17
+msgid "the configuration file for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:21
+msgid "FILE FORMAT"
+msgstr "文件格式"
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:29
+#, no-wrap
+msgid ""
+" <replaceable>[section]</replaceable>\n"
+" <replaceable>key</replaceable> = <replaceable>value</replaceable>\n"
+" <replaceable>key2</replaceable> = <replaceable>value2,value3</replaceable>\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:24
+msgid ""
+"The file has an ini-style syntax and consists of sections and parameters. A "
+"section begins with the name of the section in square brackets and continues "
+"until the next section begins. An example of section with single and multi-"
+"valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:36
+msgid ""
+"The data types used are string (no quotes needed), integer and bool (with "
+"values of <quote>TRUE/FALSE</quote>)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:41
+msgid ""
+"A line comment starts with a hash sign (<quote>#</quote>) or a semicolon "
+"(<quote>;</quote>). Inline comments are not supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:47
+msgid ""
+"All sections can have an optional <replaceable>description</replaceable> "
+"parameter. Its function is only as a label for the section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:53
+msgid ""
+"<filename>sssd.conf</filename> must be a regular file, owned by root and "
+"only root may read from or write to the file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:59
+msgid "SPECIAL SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:62
+msgid "The [sssd] section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1749
+msgid "Section parameters"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:73
+msgid "config_file_version (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:76
+msgid ""
+"Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
+"version 2."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:82
+msgid "services"
+msgstr "服务"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:85
+msgid ""
+"Comma separated list of services that are started when sssd itself starts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:89
+msgid ""
+"Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</phrase> "
+"<phrase condition=\"with_autofs\">, autofs</phrase> <phrase condition="
+"\"with_ssh\">, ssh</phrase> <phrase condition=\"with_pac_responder\">, pac</"
+"phrase>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:290
+msgid "reconnection_retries (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:293
+msgid ""
+"Number of times services should attempt to reconnect in the event of a Data "
+"Provider crash or restart before they give up"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:298
+msgid "Default: 3"
+msgstr "默认: 3"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:111
+msgid "domains"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:114
+msgid ""
+"A domain is a database containing user information. SSSD can use more "
+"domains at the same time, but at least one must be configured or SSSD won't "
+"start. This parameter described the list of domains in the order you want "
+"them to be queried."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:124 sssd.conf.5.xml:1529
+msgid "re_expression (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:127
+msgid ""
+"Default regular expression that describes how to parse the string containing "
+"user name and domain into these components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:132
+msgid ""
+"Each domain can have an individual regular expression configured. For some "
+"ID providers there are also default regular expressions. See DOMAIN "
+"SECTIONS for more info on these regular expressions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:141 sssd.conf.5.xml:1576
+msgid "full_name_format (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:144
+msgid ""
+"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
+"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
+"how to translate a (name, domain) tuple into a fully qualified name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:152
+msgid ""
+"Each domain can have an individual format string configured. see DOMAIN "
+"SECTIONS for more info on this option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:158
+msgid "try_inotify (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:161
+msgid ""
+"SSSD monitors the state of resolv.conf to identify when it needs to update "
+"its internal DNS resolver. By default, we will attempt to use inotify for "
+"this, and will fall back to polling resolv.conf every five seconds if "
+"inotify cannot be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:169
+msgid ""
+"There are some limited situations where it is preferred that we should skip "
+"even trying to use inotify. In these rare cases, this option should be set "
+"to 'false'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:175
+msgid ""
+"Default: true on platforms where inotify is supported. False on other "
+"platforms."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:179
+msgid ""
+"Note: this option will have no effect on platforms where inotify is "
+"unavailable. On these platforms, polling will always be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:186
+msgid "krb5_rcache_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:189
+msgid ""
+"Directory on the filesystem where SSSD should store Kerberos replay cache "
+"files."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:193
+msgid ""
+"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
+"SSSD to let libkrb5 decide the appropriate location for the replay cache."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:199
+msgid ""
+"Default: Distribution-specific and specified at build-time. "
+"(__LIBKRB5_DEFAULTS__ if not configured)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:206
+msgid "default_domain_suffix (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:209
+msgid ""
+"This string will be used as a default domain name for all names without a "
+"domain name component. The main use case is environments where the primary "
+"domain is intended for managing host policies and all users are located in a "
+"trusted domain. The option allows those users to log in just with their "
+"user name without giving a domain name as well."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:219
+msgid ""
+"Please note that if this option is set all users from the primary domain "
+"have to use their fully qualified name, e.g. user@domain.name, to log in."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:225 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
+#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd-krb5.5.xml:366 include/ldap_id_mapping.xml:145
+#: include/ldap_id_mapping.xml:156
+msgid "Default: not set"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:64
+msgid ""
+"Individual pieces of SSSD functionality are provided by special SSSD "
+"services that are started and stopped together with SSSD. The services are "
+"managed by a special service frequently called <quote>monitor</quote>. The "
+"<quote>[sssd]</quote> section is used to configure the monitor as well as "
+"some other important options like the identity domains. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:236
+msgid "SERVICES SECTIONS"
+msgstr "服务部分"
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:238
+msgid ""
+"Settings that can be used to configure different services are described in "
+"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
+"section, for example, for NSS service, the section would be <quote>[nss]</"
+"quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:245
+msgid "General service configuration options"
+msgstr "基本服务配置选项"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:247
+msgid "These options can be used to configure any service."
+msgstr "这些选项可被用于配置任何服务。"
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:251
+msgid "debug_level (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:255
+msgid "debug_timestamps (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:258
+msgid "Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:261 sssd.conf.5.xml:441 sssd.conf.5.xml:841
+#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
+#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:264
+#: sssd-ipa.5.xml:299
+msgid "Default: true"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:266
+msgid "debug_microseconds (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:269
+msgid "Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:272 sssd.conf.5.xml:795 sssd.conf.5.xml:1683
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
+#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:376 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278
+#: sssd-krb5.5.xml:427
+msgid "Default: false"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:277
+msgid "timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:280
+msgid ""
+"Timeout in seconds between heartbeats for this service. This is used to "
+"ensure that the process is alive and capable of answering requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:285 sssd-ldap.5.xml:1248
+msgid "Default: 10"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:303
+msgid "fd_limit"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:306
+msgid ""
+"This option specifies the maximum number of file descriptors that may be "
+"opened at one time by this SSSD process. On systems where SSSD is granted "
+"the CAP_SYS_RESOURCE capability, this will be an absolute setting. On "
+"systems without this capability, the resulting value will be the lower value "
+"of this or the limits.conf \"hard\" limit."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:315
+msgid "Default: 8192 (or limits.conf \"hard\" limit)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:320
+msgid "client_idle_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:323
+msgid ""
+"This option specifies the number of seconds that a client of an SSSD process "
+"can hold onto a file descriptor without communicating on it. This value is "
+"limited in order to avoid resource exhaustion on the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:330 sssd.conf.5.xml:346 sssd.conf.5.xml:613
+#: sssd.conf.5.xml:773 sssd.conf.5.xml:1005 sssd-ldap.5.xml:1099
+msgid "Default: 60"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:335 sssd.conf.5.xml:994
+msgid "force_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:338 sssd.conf.5.xml:997
+msgid ""
+"If a service is not responding to ping checks (see the <quote>timeout</"
+"quote> option), it is first sent the SIGTERM signal that instructs it to "
+"quit gracefully. If the service does not terminate after "
+"<quote>force_timeout</quote> seconds, the monitor will forcibly shut it down "
+"by sending a SIGKILL signal."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:354
+msgid "NSS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:356
+msgid ""
+"These options can be used to configure the Name Service Switch (NSS) service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:361
+msgid "enum_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:364
+msgid ""
+"How many seconds should nss_sss cache enumerations (requests for info about "
+"all users)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:368
+msgid "Default: 120"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:373
+msgid "entry_cache_nowait_percentage (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:376
+msgid ""
+"The entry cache can be set to automatically update entries in the background "
+"if they are requested beyond a percentage of the entry_cache_timeout value "
+"for the domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:382
+msgid ""
+"For example, if the domain's entry_cache_timeout is set to 30s and "
+"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
+"after 15 seconds past the last cache update will be returned immediately, "
+"but the SSSD will go and update the cache on its own, so that future "
+"requests will not need to block waiting for a cache update."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:392
+msgid ""
+"Valid values for this option are 0-99 and represent a percentage of the "
+"entry_cache_timeout for each domain. For performance reasons, this "
+"percentage will never reduce the nowait timeout to less than 10 seconds. (0 "
+"disables this feature)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:400
+msgid "Default: 50"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:405
+msgid "entry_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:408
+msgid ""
+"Specifies for how many seconds nss_sss should cache negative cache hits "
+"(that is, queries for invalid database entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:414 sssd.conf.5.xml:819
+msgid "Default: 15"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:419
+msgid "filter_users, filter_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:422
+msgid ""
+"Exclude certain users from being fetched from the sss NSS database. This is "
+"particularly useful for system accounts. This option can also be set per-"
+"domain or include fully-qualified names to filter only users from the "
+"particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:429
+msgid "Default: root"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:434
+msgid "filter_users_in_groups (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:437
+msgid ""
+"If you want filtered user still be group members set this option to false."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:446 sssd-ad.5.xml:132
+msgid "override_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:455 sssd-ad.5.xml:141 sssd-krb5.5.xml:169
+msgid "%u"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:456 sssd-ad.5.xml:142 sssd-krb5.5.xml:170
+msgid "login name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:459 sssd-ad.5.xml:145 sssd-krb5.5.xml:173
+msgid "%U"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:460 sssd-ad.5.xml:146
+msgid "UID number"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:463 sssd-ad.5.xml:149 sssd-krb5.5.xml:191
+msgid "%d"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:464 sssd-ad.5.xml:150
+msgid "domain name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:467 sssd-ad.5.xml:153
+msgid "%f"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:468 sssd-ad.5.xml:154
+msgid "fully qualified user name (user@domain)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:471
+msgid "%o"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:473
+msgid "The original home directory retrieved from the identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:478 sssd-ad.5.xml:157 sssd-krb5.5.xml:203
+msgid "%%"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:479 sssd-ad.5.xml:158 sssd-krb5.5.xml:204
+msgid "a literal '%'"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:449 sssd-ad.5.xml:135
+msgid ""
+"Override the user's home directory. You can either provide an absolute value "
+"or a template. In the template, the following sequences are substituted: "
+"<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:485 sssd-ad.5.xml:164
+msgid "This option can also be set per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd.conf.5.xml:490 sssd.conf.5.xml:514 sssd-ad.5.xml:169
+#, no-wrap
+msgid ""
+"override_homedir = /home/%u\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:488 sssd.conf.5.xml:512 sssd-ad.5.xml:167 sssd-ad.5.xml:191
+msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:494 sssd-ad.5.xml:173
+msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:500 sssd-ad.5.xml:179
+msgid "fallback_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:503 sssd-ad.5.xml:182
+msgid ""
+"Set a default template for a user's home directory if one is not specified "
+"explicitly by the domain's data provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:508 sssd-ad.5.xml:187
+msgid ""
+"The available values for this option are the same as for override_homedir."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:518 sssd-ad.5.xml:197
+msgid "Default: not set (no substitution for unset home directories)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:524
+msgid "override_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:527
+msgid ""
+"Override the login shell for all users. This option can be specified "
+"globally in the [nss] section or per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:532
+msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:538
+msgid "allowed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:541
+msgid ""
+"Restrict user shell to one of the listed values. The order of evaluation is:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:544
+msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:548
+msgid ""
+"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
+"quote>, use the value of the shell_fallback parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:553
+msgid ""
+"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
+"shells</quote>, a nologin shell is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:558
+msgid "An empty string for shell is passed as-is to libc."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:561
+msgid ""
+"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
+"that a restart of the SSSD is required in case a new shell is installed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:565
+msgid "Default: Not set. The user shell is automatically used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:570
+msgid "vetoed_shells (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:573
+msgid "Replace any instance of these shells with the shell_fallback"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:578
+msgid "shell_fallback (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:581
+msgid ""
+"The default shell to use if an allowed shell is not installed on the machine."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:585
+msgid "Default: /bin/sh"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:590 sssd-ad.5.xml:203
+msgid "default_shell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:593 sssd-ad.5.xml:206
+msgid ""
+"The default shell to use if the provider does not return one during lookup. "
+"This option supersedes any other shell options if it takes effect and can be "
+"set either in the [nss] section or per-domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:599 sssd-ad.5.xml:212
+msgid ""
+"Default: not set (Return NULL if no shell is specified and rely on libc to "
+"substitute something sensible when necessary, usually /bin/sh)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:606 sssd.conf.5.xml:766
+msgid "get_domains_timeout (int)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:609 sssd.conf.5.xml:769
+msgid ""
+"Specifies time in seconds for which the list of subdomains will be "
+"considered valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:618
+msgid "memcache_timeout (int)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:621
+msgid ""
+"Specifies time in seconds for which records in the in-memory cache will be "
+"valid"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:625 sssd-ldap.5.xml:654
+msgid "Default: 300"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:632
+msgid "PAM configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:634
+msgid ""
+"These options can be used to configure the Pluggable Authentication Module "
+"(PAM) service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:639
+msgid "offline_credentials_expiration (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:642
+msgid ""
+"If the authentication provider is offline, how long should we allow cached "
+"logins (in days since the last successful online login)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:647 sssd.conf.5.xml:660
+msgid "Default: 0 (No limit)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:653
+msgid "offline_failed_login_attempts (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:656
+msgid ""
+"If the authentication provider is offline, how many failed login attempts "
+"are allowed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:666
+msgid "offline_failed_login_delay (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:669
+msgid ""
+"The time in minutes which has to pass after offline_failed_login_attempts "
+"has been reached before a new login attempt is possible."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:674
+msgid ""
+"If set to 0 the user cannot authenticate offline if "
+"offline_failed_login_attempts has been reached. Only a successful online "
+"authentication can enable offline authentication again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:680 sssd.conf.5.xml:733 sssd.conf.5.xml:1630
+msgid "Default: 5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:686
+msgid "pam_verbosity (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:689
+msgid ""
+"Controls what kind of messages are shown to the user during authentication. "
+"The higher the number to more messages are displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:694
+msgid "Currently sssd supports the following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:697
+msgid "<emphasis>0</emphasis>: do not show any message"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:700
+msgid "<emphasis>1</emphasis>: show only important messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:704
+msgid "<emphasis>2</emphasis>: show informational messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:707
+msgid "<emphasis>3</emphasis>: show all messages and debug information"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:711 sssd.8.xml:63
+msgid "Default: 1"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:716
+msgid "pam_id_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:719
+msgid ""
+"For any PAM request while SSSD is online, the SSSD will attempt to "
+"immediately update the cached identity information for the user in order to "
+"ensure that authentication takes place with the latest information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:725
+msgid ""
+"A complete PAM conversation may perform multiple PAM requests, such as "
+"account management and session opening. This option controls (on a per-"
+"client-application basis) how long (in seconds) we can cache the identity "
+"information to avoid excessive round-trips to the identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:739
+msgid "pam_pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:742 sssd.conf.5.xml:1137
+msgid "Display a warning N days before the password expires."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:745
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:1140
+msgid ""
+"If zero is set, then this filter is not applied, i.e. if the expiration "
+"warning was received from backend server, it will automatically be displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:756
+msgid ""
+"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
+"emphasis> for a particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:761 sssd.8.xml:79
+msgid "Default: 0"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:781
+msgid "SUDO configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:783
+msgid "These options can be used to configure the sudo service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:787
+msgid "sudo_timed (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:790
+msgid ""
+"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
+"that implement time-dependent sudoers entries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:803
+msgid "AUTOFS configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:805
+msgid "These options can be used to configure the autofs service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:809
+msgid "autofs_negative_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:812
+msgid ""
+"Specifies for how many seconds should the autofs responder negative cache "
+"hits (that is, queries for invalid map entries, like nonexistent ones) "
+"before asking the back end again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:828
+msgid "SSH configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:830
+msgid "These options can be used to configure the SSH service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:834
+msgid "ssh_hash_known_hosts (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:837
+msgid ""
+"Whether or not to hash host names and addresses in the managed known_hosts "
+"file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:846
+msgid "ssh_known_hosts_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:849
+msgid ""
+"How many seconds to keep a host in the managed known_hosts file after its "
+"host keys were requested."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:853
+msgid "Default: 180"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:861
+msgid "PAC responder configuration options"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:863
+msgid ""
+"The PAC responder works together with the authorization data plugin for MIT "
+"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
+"PAC data during a GSSAPI authentication to the PAC responder. The sub-domain "
+"provider collects domain SID and ID ranges of the domain the client is "
+"joined to and of remote trusted domains from the local domain controller. "
+"If the PAC is decoded and evaluated some of the following operations are "
+"done:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:872
+msgid ""
+"If the remote user does not exist in the cache, it is created. The uid is "
+"calculated based on the SID, trusted domains will have UPGs and the gid will "
+"have the same value as the uid. The home directory is set based on the "
+"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
+"system defaults are used, but can be overwritten with the default_shell "
+"parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:880
+msgid ""
+"If there are SIDs of groups from the domain the sssd client belongs to, the "
+"user will be added to those groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:886
+msgid "These options can be used to configure the PAC responder."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:890
+msgid "allowed_uids (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:893
+msgid ""
+"Specifies the comma-separated list of UID values or user names that are "
+"allowed to access the PAC responder. User names are resolved to UIDs at "
+"startup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:899
+msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:903
+msgid ""
+"Please note that although the UID 0 is used as the default it will be "
+"overwritten with this option. If you still want to allow the root user to "
+"access the PAC responder, which would be the typical case, you have to add 0 "
+"to the list of allowed UIDs as well."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:917
+msgid "DOMAIN SECTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:924
+msgid "min_id,max_id (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:927
+msgid ""
+"UID and GID limits for the domain. If a domain contains an entry that is "
+"outside these limits, it is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:932
+msgid ""
+"For users, this affects the primary GID limit. The user will not be returned "
+"to NSS if either the UID or the primary GID is outside the range. For non-"
+"primary group memberships, those that are in range will be reported as "
+"expected."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:939
+msgid "Default: 1 for min_id, 0 (no limit) for max_id"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:945
+msgid "enumerate (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:948
+msgid ""
+"Determines if a domain can be enumerated. This parameter can have one of the "
+"following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:952
+msgid "TRUE = Users and groups are enumerated"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:955
+msgid "FALSE = No enumerations for this domain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:958 sssd.conf.5.xml:1114 sssd.conf.5.xml:1216
+#: sssd.conf.5.xml:1233
+msgid "Default: FALSE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:961
+msgid ""
+"Note: Enabling enumeration has a moderate performance impact on SSSD while "
+"enumeration is running. It may take up to several minutes after SSSD startup "
+"to fully complete enumerations. During this time, individual requests for "
+"information will go directly to LDAP, though it may be slow, due to the "
+"heavy enumeration processing. Saving a large number of entries to cache "
+"after the enumeration completes might also be CPU intensive as the "
+"memberships have to be recomputed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:974
+msgid ""
+"While the first enumeration is running, requests for the complete user or "
+"group lists may return no results until it completes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:979
+msgid ""
+"Further, enabling enumeration may increase the time necessary to detect "
+"network disconnection, as longer timeouts are required to ensure that "
+"enumeration lookups are completed successfully. For more information, refer "
+"to the man pages for the specific id_provider in use."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:987
+msgid ""
+"For the reasons cited above, enabling enumeration is not recommended, "
+"especially in large environments."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1011
+msgid "entry_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1014
+msgid ""
+"How many seconds should nss_sss consider entries valid before asking the "
+"backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1018
+msgid "Default: 5400"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1024
+msgid "entry_cache_user_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1027
+msgid ""
+"How many seconds should nss_sss consider user entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1031 sssd.conf.5.xml:1044 sssd.conf.5.xml:1057
+#: sssd.conf.5.xml:1070 sssd.conf.5.xml:1083 sssd.conf.5.xml:1097
+msgid "Default: entry_cache_timeout"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1037
+msgid "entry_cache_group_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1040
+msgid ""
+"How many seconds should nss_sss consider group entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1050
+msgid "entry_cache_netgroup_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1053
+msgid ""
+"How many seconds should nss_sss consider netgroup entries valid before "
+"asking the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1063
+msgid "entry_cache_service_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1066
+msgid ""
+"How many seconds should nss_sss consider service entries valid before asking "
+"the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1076
+msgid "entry_cache_sudo_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1079
+msgid ""
+"How many seconds should sudo consider rules valid before asking the backend "
+"again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1089
+msgid "entry_cache_autofs_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1092
+msgid ""
+"How many seconds should the autofs service consider automounter maps valid "
+"before asking the backend again"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1103
+msgid "cache_credentials (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1106
+msgid "Determines if user credentials are also cached in the local LDB cache"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1110
+msgid "User credentials are stored in a SHA512 hash, not in plaintext"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1119
+msgid "account_cache_expiration (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1122
+msgid ""
+"Number of days entries are left in cache after last successful login before "
+"being removed during a cleanup of the cache. 0 means keep forever. The "
+"value of this parameter must be greater than or equal to "
+"offline_credentials_expiration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1129
+msgid "Default: 0 (unlimited)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1134
+msgid "pwd_expiration_warning (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1145
+msgid ""
+"Please note that the backend server has to provide information about the "
+"expiration time of the password. If this information is missing, sssd "
+"cannot display a warning. Also an auth provider has to be configured for the "
+"backend."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1152
+msgid "Default: 7 (Kerberos), 0 (LDAP)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1158
+msgid "id_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1161
+msgid ""
+"The identification provider used for the domain. Supported ID providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1165
+msgid "<quote>proxy</quote>: Support a legacy NSS provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1168
+msgid "<quote>local</quote>: SSSD internal provider for local users"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1172
+msgid ""
+"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
+"information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1180 sssd.conf.5.xml:1259 sssd.conf.5.xml:1310
+#: sssd.conf.5.xml:1363
+msgid ""
+"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
+"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring "
+"FreeIPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1189 sssd.conf.5.xml:1268 sssd.conf.5.xml:1319
+#: sssd.conf.5.xml:1372
+msgid ""
+"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Active Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1200
+msgid "use_fully_qualified_names (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1203
+msgid ""
+"Use the full name and domain (as formatted by the domain's full_name_format) "
+"as the user's login name reported to NSS."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1208
+msgid ""
+"If set to TRUE, all requests to this domain must use fully qualified names. "
+"For example, if used in LOCAL domain that contains a \"test\" user, "
+"<command>getent passwd test</command> wouldn't find the user while "
+"<command>getent passwd test@LOCAL</command> would."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1221
+msgid "ignore_group_members (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1224
+msgid "Do not return group members for group lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1227
+msgid ""
+"If set to TRUE, the group membership attribute is not requested from the "
+"ldap server, and group members are not returned when processing group lookup "
+"calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1238
+msgid "auth_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1241
+msgid ""
+"The authentication provider used for the domain. Supported auth providers "
+"are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1245 sssd.conf.5.xml:1303
+msgid ""
+"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1252
+msgid ""
+"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1276
+msgid ""
+"<quote>proxy</quote> for relaying authentication to some other PAM target."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1279
+msgid "<quote>none</quote> disables authentication explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1282
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"authentication requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1288
+msgid "access_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1291
+msgid ""
+"The access control provider used for the domain. There are two built-in "
+"access providers (in addition to any included in installed backends) "
+"Internal special providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1297
+msgid ""
+"<quote>permit</quote> always allow access. It's the only permitted access "
+"provider for a local domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1300
+msgid "<quote>deny</quote> always deny access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1327
+msgid ""
+"<quote>simple</quote> access control based on access or deny lists. See "
+"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> for more information on configuring the simple "
+"access module."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1334
+msgid "Default: <quote>permit</quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1339
+msgid "chpass_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1342
+msgid ""
+"The provider which should handle change password operations for the domain. "
+"Supported change password providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1347
+msgid ""
+"<quote>ldap</quote> to change a password stored in a LDAP server. See "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1355
+msgid ""
+"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
+"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring Kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1380
+msgid ""
+"<quote>proxy</quote> for relaying password changes to some other PAM target."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1384
+msgid "<quote>none</quote> disallows password changes explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1387
+msgid ""
+"Default: <quote>auth_provider</quote> is used if it is set and can handle "
+"change password requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1394
+msgid "sudo_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1397
+msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1401
+msgid ""
+"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1408
+msgid "<quote>none</quote> disables SUDO explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1411 sssd.conf.5.xml:1465 sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1522
+msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1417
+msgid "selinux_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1420
+msgid ""
+"The provider which should handle loading of selinux settings. Note that this "
+"provider will be called right after access provider ends. Supported selinux "
+"providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1426
+msgid ""
+"<quote>ipa</quote> to load selinux settings from an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1434
+msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1437
+msgid ""
+"Default: <quote>id_provider</quote> is used if it is set and can handle "
+"selinux loading requests."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1443
+msgid "subdomains_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1446
+msgid ""
+"The provider which should handle fetching of subdomains. This value should "
+"be always the same as id_provider. Supported subdomain providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1452
+msgid ""
+"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1461
+msgid "<quote>none</quote> disallows fetching subdomains explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1472
+msgid "autofs_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1475
+msgid ""
+"The autofs provider used for the domain. Supported autofs providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1479
+msgid ""
+"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1486
+msgid ""
+"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
+"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1494
+msgid "<quote>none</quote> disables autofs explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1504
+msgid "hostid_provider (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1507
+msgid ""
+"The provider used for retrieving host identity information. Supported "
+"hostid providers are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1511
+msgid ""
+"<quote>ipa</quote> to load host identity stored in an IPA server. See "
+"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> for more information on configuring IPA."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1519
+msgid "<quote>none</quote> disables hostid explicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1532
+msgid ""
+"Regular expression for this domain that describes how to parse the string "
+"containing user name and domain into these components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1537
+msgid ""
+"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
+"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
+"P&lt;name&gt;[^@\\\\]+)$))</quote> which allows three different styles for "
+"user names:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1542
+msgid "username"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1545
+msgid "username@domain.name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd.conf.5.xml:1548
+msgid "domain\\username"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1551
+msgid ""
+"While the first two correspond to the general default the third one is "
+"introduced to allow easy integration of users from Windows domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1556
+msgid ""
+"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
+"which translates to \"the name is everything up to the <quote>@</quote> "
+"sign, the domain everything after that\""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1562
+msgid ""
+"PLEASE NOTE: the support for non-unique named subpatterns is not available "
+"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
+"version 7 or higher can support non-unique named subpatterns."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1569
+msgid ""
+"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
+"P&lt;name&gt;) to label subpatterns."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1579
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to translate "
+"a (name, domain) tuple for this domain into a fully qualified name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1587
+msgid "Default: <quote>%1$s@%2$s</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1593
+msgid "lookup_family_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1596
+msgid ""
+"Provides the ability to select preferred address family to use when "
+"performing DNS lookups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1600
+msgid "Supported values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1603
+msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1606
+msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1609
+msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1612
+msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1615
+msgid "Default: ipv4_first"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1621
+msgid "dns_resolver_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1624
+msgid ""
+"Defines the amount of time (in seconds) to wait for a reply from the DNS "
+"resolver before assuming that it is unreachable. If this timeout is reached, "
+"the domain will continue to operate in offline mode."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1636
+msgid "dns_discovery_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1639
+msgid ""
+"If service discovery is used in the back end, specifies the domain part of "
+"the service discovery DNS query."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1643
+msgid "Default: Use the domain part of machine's hostname"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1649
+msgid "override_gid (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1652
+msgid "Override the primary GID value with the one specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1658
+msgid "case_sensitive (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1661
+msgid ""
+"Treat user and group names as case sensitive. At the moment, this option is "
+"not supported in the local provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1666
+msgid "Default: True"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1672
+msgid "proxy_fast_alias (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1675
+msgid ""
+"When a user or group is looked up by name in the proxy provider, a second "
+"lookup by ID is performed to \"canonicalize\" the name in case the requested "
+"name was an alias. Setting this option to true would cause the SSSD to "
+"perform the ID lookup from cache for performance reasons."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1689
+msgid "subdomain_homedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1692
+msgid ""
+"Use this homedir as default value for all subdomains within this domain. See "
+"<emphasis>override_homedir</emphasis> for info about possible values."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1697
+msgid ""
+"The value can be overridden by <emphasis>override_homedir</emphasis> option."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1701
+msgid "Default: <filename>/home/%d/%u</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:919
+msgid ""
+"These configuration options can be present in a domain configuration "
+"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
+"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1713
+msgid "proxy_pam_target (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1716
+msgid "The proxy target PAM proxies to."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1719
+msgid ""
+"Default: not set by default, you have to take an existing pam configuration "
+"or create a new one and add the service name here."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1727
+msgid "proxy_lib_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1730
+msgid ""
+"The name of the NSS library to use in proxy domains. The NSS functions "
+"searched for in the library are in the form of _nss_$(libName)_$(function), "
+"for example _nss_files_getpwent."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1709
+msgid ""
+"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
+"\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><title>
+#: sssd.conf.5.xml:1742
+msgid "The local domain section"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><para>
+#: sssd.conf.5.xml:1744
+msgid ""
+"This section contains settings for domain that stores users and groups in "
+"SSSD native database, that is, a domain that uses "
+"<replaceable>id_provider=local</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1751
+msgid "default_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1754
+msgid "The default shell for users created with SSSD userspace tools."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1758
+msgid "Default: <filename>/bin/bash</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1763
+msgid "base_directory (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1766
+msgid ""
+"The tools append the login name to <replaceable>base_directory</replaceable> "
+"and use that as the home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1771
+msgid "Default: <filename>/home</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1776
+msgid "create_homedir (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1779
+msgid ""
+"Indicate if a home directory should be created by default for new users. "
+"Can be overridden on command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1783 sssd.conf.5.xml:1795
+msgid "Default: TRUE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1788
+msgid "remove_homedir (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1791
+msgid ""
+"Indicate if a home directory should be removed by default for deleted "
+"users. Can be overridden on command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1800
+msgid "homedir_umask (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1803
+msgid ""
+"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
+"on a newly created home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1811
+msgid "Default: 077"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1816
+msgid "skel_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1819
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1829
+msgid "Default: <filename>/etc/skel</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1834
+msgid "mail_dir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1837
+msgid ""
+"The mail spool directory. This is needed to manipulate the mailbox when its "
+"corresponding user account is modified or deleted. If not specified, a "
+"default value is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1844
+msgid "Default: <filename>/var/mail</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1849
+msgid "userdel_cmd (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1852
+msgid ""
+"The command that is run after a user is removed. The command us passed the "
+"username of the user being removed as the first and only parameter. The "
+"return code of the command is not taken into account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1858
+msgid "Default: None, no command is run"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.conf.5.xml:1868 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:643 sssd-ad.5.xml:229 sssd-krb5.5.xml:441
+msgid "EXAMPLE"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd.conf.5.xml:1874
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"domains = LDAP\n"
+"services = nss, pam\n"
+"config_file_version = 2\n"
+"\n"
+"[nss]\n"
+"filter_groups = root\n"
+"filter_users = root\n"
+"\n"
+"[pam]\n"
+"\n"
+"[domain/LDAP]\n"
+"id_provider = ldap\n"
+"ldap_uri = ldap://ldap.example.com\n"
+"ldap_search_base = dc=example,dc=com\n"
+"\n"
+"auth_provider = krb5\n"
+"krb5_server = kerberos.example.com\n"
+"krb5_realm = EXAMPLE.COM\n"
+"cache_credentials = true\n"
+"\n"
+"min_id = 10000\n"
+"max_id = 20000\n"
+"enumerate = False\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.conf.5.xml:1870
+msgid ""
+"The following example shows a typical SSSD config. It does not describe "
+"configuration of the domains themselves - refer to documentation on "
+"configuring domains for more details. <placeholder type=\"programlisting\" "
+"id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16
+msgid "sssd-ldap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:23
+msgid ""
+"This manual page describes the configuration of LDAP domains for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. Refer to the <quote>FILE FORMAT</quote> section of the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for detailed syntax information."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:35
+msgid "You can configure SSSD to use more than one LDAP domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:38
+msgid ""
+"LDAP back end supports id, auth, access and chpass providers. If you want to "
+"authenticate against an LDAP server either TLS/SSL or LDAPS is required. "
+"<command>sssd</command> <emphasis>does not</emphasis> support authentication "
+"over an unencrypted channel. If the LDAP server is used only as an identity "
+"provider, an encrypted channel is not needed. Please refer to "
+"<quote>ldap_access_filter</quote> config option for more information about "
+"using LDAP as an access provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:70 sssd-ad.5.xml:75
+#: sssd-krb5.5.xml:63
+msgid "CONFIGURATION OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:60
+msgid "ldap_uri, ldap_backup_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:63
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference. Refer to the <quote>FAILOVER</"
+"quote> section for more information on failover and server redundancy. If "
+"neither option is specified, service discovery is enabled. For more "
+"information, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:70
+msgid "The format of the URI must match the format defined in RFC 2732:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:73
+msgid "ldap[s]://&lt;host&gt;[:port]"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:76
+msgid ""
+"For explicit IPv6 addresses, &lt;host&gt; must be enclosed in brackets []"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:79
+msgid "example: ldap://[fc00::126:25]:389"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:85
+msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:88
+msgid ""
+"Specifies the comma-separated list of URIs of the LDAP servers to which SSSD "
+"should connect in the order of preference to change the password of a user. "
+"Refer to the <quote>FAILOVER</quote> section for more information on "
+"failover and server redundancy."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:95
+msgid "To enable service discovery ldap_chpass_dns_service_name must be set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:99
+msgid "Default: empty, i.e. ldap_uri is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:105
+msgid "ldap_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:108
+msgid "The default base DN to use for performing LDAP user operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:112
+msgid ""
+"Starting with SSSD 1.7.0, SSSD supports multiple search bases using the "
+"syntax:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:116
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:119
+msgid "The scope can be one of \"base\", \"onelevel\" or \"subtree\"."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:122
+msgid ""
+"The filter must be a valid LDAP search filter as specified by http://www."
+"ietf.org/rfc/rfc2254.txt"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:126
+msgid "Examples:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:129
+msgid ""
+"ldap_search_base = dc=example,dc=com (which is equivalent to) "
+"ldap_search_base = dc=example,dc=com?subtree?"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:134
+msgid ""
+"ldap_search_base = cn=host_specific,dc=example,dc=com?subtree?"
+"(host=thishost)?dc=example.com?subtree?"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:137
+msgid ""
+"Note: It is unsupported to have multiple search bases which reference "
+"identically-named objects (for example, groups with the same name in two "
+"different search bases). This will lead to unpredictable behavior on client "
+"machines."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:144
+msgid ""
+"Default: If not set, the value of the defaultNamingContext or namingContexts "
+"attribute from the RootDSE of the LDAP server is used. If "
+"defaultNamingContext does not exist or has an empty value namingContexts is "
+"used. The namingContexts attribute must have a single value with the DN of "
+"the search base of the LDAP server to make this work. Multiple values are "
+"are not supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:158
+msgid "ldap_schema (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:161
+msgid ""
+"Specifies the Schema Type in use on the target LDAP server. Depending on "
+"the selected schema, the default attribute names retrieved from the servers "
+"may vary. The way that some attributes are handled may also differ."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:168
+msgid "Four schema types are currently supported:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:172
+msgid "rfc2307"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:177
+msgid "rfc2307bis"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:182
+msgid "IPA"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
+#: sssd-ldap.5.xml:187
+msgid "AD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:193
+msgid ""
+"The main difference between these schema types is how group memberships are "
+"recorded in the server. With rfc2307, group members are listed by name in "
+"the <emphasis>memberUid</emphasis> attribute. With rfc2307bis and IPA, "
+"group members are listed by DN and stored in the <emphasis>member</emphasis> "
+"attribute. The AD schema type sets the attributes to correspond with Active "
+"Directory 2008r2 values."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:203
+msgid "Default: rfc2307"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:209
+msgid "ldap_default_bind_dn (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:212
+msgid "The default bind DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:219
+msgid "ldap_default_authtok_type (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:222
+msgid "The type of the authentication token of the default bind DN."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:226
+msgid "The two mechanisms currently supported are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:229
+msgid "password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:232
+msgid "obfuscated_password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:235
+msgid "Default: password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:241
+msgid "ldap_default_authtok (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:244
+msgid ""
+"The authentication token of the default bind DN. Only clear text passwords "
+"are currently supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:251
+msgid "ldap_user_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:254
+msgid "The object class of a user entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:257
+msgid "Default: posixAccount"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:263
+msgid "ldap_user_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:266
+msgid "The LDAP attribute that corresponds to the user's login name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:270
+msgid "Default: uid"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:276
+msgid "ldap_user_uid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:279
+msgid "The LDAP attribute that corresponds to the user's id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:283
+msgid "Default: uidNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:289
+msgid "ldap_user_gid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:292
+msgid "The LDAP attribute that corresponds to the user's primary group id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+msgid "Default: gidNumber"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:302
+msgid "ldap_user_gecos (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:305
+msgid "The LDAP attribute that corresponds to the user's gecos field."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:309
+msgid "Default: gecos"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:315
+msgid "ldap_user_home_directory (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:318
+msgid "The LDAP attribute that contains the name of the user's home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:322
+msgid "Default: homeDirectory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:328
+msgid "ldap_user_shell (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:331
+msgid "The LDAP attribute that contains the path to the user's default shell."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:335
+msgid "Default: loginShell"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:341
+msgid "ldap_user_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:344
+msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+msgid "Default: nsUniqueId"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:354
+msgid "ldap_user_objectsid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:357
+msgid ""
+"The LDAP attribute that contains the objectSID of an LDAP user object. This "
+"is usually only necessary for ActiveDirectory servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+msgid "Default: objectSid for ActiveDirectory, not set for other servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:369
+msgid "ldap_user_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+msgid ""
+"The LDAP attribute that contains timestamp of the last modification of the "
+"parent object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+msgid "Default: modifyTimestamp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:382
+msgid "ldap_user_shadow_last_change (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:385
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (date of "
+"the last password change)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:395
+msgid "Default: shadowLastChange"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:401
+msgid "ldap_user_shadow_min (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:404
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (minimum "
+"password age)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:413
+msgid "Default: shadowMin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:419
+msgid "ldap_user_shadow_max (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:422
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart (maximum "
+"password age)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:431
+msgid "Default: shadowMax"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:437
+msgid "ldap_user_shadow_warning (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:440
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
+"(password warning period)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:450
+msgid "Default: shadowWarning"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:456
+msgid "ldap_user_shadow_inactive (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:459
+msgid ""
+"When using ldap_pwd_policy=shadow, this parameter contains the name of an "
+"LDAP attribute corresponding to its <citerefentry> <refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> counterpart "
+"(password inactivity period)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:469
+msgid "Default: shadowInactive"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:475
+msgid "ldap_user_shadow_expire (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:478
+msgid ""
+"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this "
+"parameter contains the name of an LDAP attribute corresponding to its "
+"<citerefentry> <refentrytitle>shadow</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> counterpart (account expiration date)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:488
+msgid "Default: shadowExpire"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:494
+msgid "ldap_user_krb_last_pwd_change (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:497
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
+"an LDAP attribute storing the date and time of last password change in "
+"kerberos."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:503
+msgid "Default: krbLastPwdChange"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:509
+msgid "ldap_user_krb_password_expiration (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:512
+msgid ""
+"When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of "
+"an LDAP attribute storing the date and time when current password expires."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:518
+msgid "Default: krbPasswordExpiration"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:524
+msgid "ldap_user_ad_account_expires (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:527
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the expiration time of the account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:532
+msgid "Default: accountExpires"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:538
+msgid "ldap_user_ad_user_account_control (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:541
+msgid ""
+"When using ldap_account_expire_policy=ad, this parameter contains the name "
+"of an LDAP attribute storing the user account control bit field."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:546
+msgid "Default: userAccountControl"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:552
+msgid "ldap_ns_account_lock (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:555
+msgid ""
+"When using ldap_account_expire_policy=rhds or equivalent, this parameter "
+"determines if access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:560
+msgid "Default: nsAccountLock"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:566
+msgid "ldap_user_nds_login_disabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:569
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines if "
+"access is allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:573 sssd-ldap.5.xml:587
+msgid "Default: loginDisabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:579
+msgid "ldap_user_nds_login_expiration_time (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:582
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines until "
+"which date access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:593
+msgid "ldap_user_nds_login_allowed_time_map (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:596
+msgid ""
+"When using ldap_account_expire_policy=nds, this attribute determines the "
+"hours of a day in a week when access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:601
+msgid "Default: loginAllowedTimeMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:607
+msgid "ldap_user_principal (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:610
+msgid ""
+"The LDAP attribute that contains the user's Kerberos User Principal Name "
+"(UPN)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:614
+msgid "Default: krbPrincipalName"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:620
+msgid "ldap_user_ssh_public_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:623
+msgid "The LDAP attribute that contains the user's SSH public keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:630
+msgid "ldap_force_upper_case_realm (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:633
+msgid ""
+"Some directory servers, for example Active Directory, might deliver the "
+"realm part of the UPN in lower case, which might cause the authentication to "
+"fail. Set this option to a non-zero value if you want to use an upper-case "
+"realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:646
+msgid "ldap_enumeration_refresh_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:649
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing its cache of "
+"enumerated records."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:660
+msgid "ldap_purge_cache_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:663
+msgid ""
+"Determine how often to check the cache for inactive entries (such as groups "
+"with no members and users who have never logged in) and remove them to save "
+"space."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:669
+msgid "Setting this option to zero will disable the cache cleanup operation."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:673
+msgid "Default: 10800 (12 hours)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:679
+msgid "ldap_user_fullname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:682
+msgid "The LDAP attribute that corresponds to the user's full name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
+#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
+#: sssd-ipa.5.xml:498
+msgid "Default: cn"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:692
+msgid "ldap_user_member_of (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:695
+msgid "The LDAP attribute that lists the user's group memberships."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:402
+msgid "Default: memberOf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:705
+msgid "ldap_user_authorized_service (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:708
+msgid ""
+"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will "
+"use the presence of the authorizedService attribute in the user's LDAP entry "
+"to determine access privilege."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:715
+msgid ""
+"An explicit deny (!svc) is resolved first. Second, SSSD searches for "
+"explicit allow (svc) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:720
+msgid "Default: authorizedService"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:726
+msgid "ldap_user_authorized_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:729
+msgid ""
+"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
+"presence of the host attribute in the user's LDAP entry to determine access "
+"privilege."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:735
+msgid ""
+"An explicit deny (!host) is resolved first. Second, SSSD searches for "
+"explicit allow (host) and finally for allow_all (*)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:740
+msgid "Default: host"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:746
+msgid "ldap_group_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:749
+msgid "The object class of a group entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:752
+msgid "Default: posixGroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:758
+msgid "ldap_group_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:761
+msgid "The LDAP attribute that corresponds to the group name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:771
+msgid "ldap_group_gid_number (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:774
+msgid "The LDAP attribute that corresponds to the group's id."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:784
+msgid "ldap_group_member (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:787
+msgid "The LDAP attribute that contains the names of the group's members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:791
+msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:797
+msgid "ldap_group_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:800
+msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:810
+msgid "ldap_group_objectsid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:813
+msgid ""
+"The LDAP attribute that contains the objectSID of an LDAP group object. This "
+"is usually only necessary for ActiveDirectory servers."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:825
+msgid "ldap_group_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:838
+msgid "ldap_group_nesting_level (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:841
+msgid ""
+"If ldap_schema is set to a schema format that supports nested groups (e.g. "
+"RFC2307bis), then this option controls how many levels of nesting SSSD will "
+"follow. This option has no effect on the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:848
+msgid "Default: 2"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:854
+msgid "ldap_groups_use_matching_rule_in_chain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:857
+msgid ""
+"This option tells SSSD to take advantage of an Active Directory-specific "
+"feature which may speed up group lookup operations on deployments with "
+"complex or deep nested groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:863
+msgid ""
+"In most common cases, it is best to leave this option disabled. It generally "
+"only provides a performance increase on very complex nestings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+msgid ""
+"If this option is enabled, SSSD will use it if it detects that the server "
+"supports it during initial connection. So \"True\" here essentially means "
+"\"auto-detect\"."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+msgid ""
+"Note: This feature is currently known to work only with Active Directory "
+"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
+"windows/desktop/aa746475%28v=vs.85%29.aspx\"> MSDN(TM) documentation</ulink> "
+"for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
+#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+msgid "Default: False"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:886
+msgid "ldap_initgroups_use_matching_rule_in_chain"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:889
+msgid ""
+"This option tells SSSD to take advantage of an Active Directory-specific "
+"feature which might speed up initgroups operations (most notably when "
+"dealing with complex or deep nested groups)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:913
+msgid "ldap_netgroup_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:916
+msgid "The object class of a netgroup entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:919
+msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:923
+msgid "Default: nisNetgroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:929
+msgid "ldap_netgroup_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:932
+msgid "The LDAP attribute that corresponds to the netgroup name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:936
+msgid "In IPA provider, ipa_netgroup_name should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:946
+msgid "ldap_netgroup_member (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:949
+msgid "The LDAP attribute that contains the names of the netgroup's members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:953
+msgid "In IPA provider, ipa_netgroup_member should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:957
+msgid "Default: memberNisNetgroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:963
+msgid "ldap_netgroup_triple (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:966
+msgid ""
+"The LDAP attribute that contains the (host, user, domain) netgroup triples."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+msgid "This option is not available in IPA provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:973
+msgid "Default: nisNetgroupTriple"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:979
+msgid "ldap_netgroup_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:982
+msgid ""
+"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:986
+msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:996
+msgid "ldap_netgroup_modify_timestamp (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1012
+msgid "ldap_service_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1015
+msgid "The object class of a service entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1018
+msgid "Default: ipService"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1024
+msgid "ldap_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1027
+msgid ""
+"The LDAP attribute that contains the name of service attributes and their "
+"aliases."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1037
+msgid "ldap_service_port (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1040
+msgid "The LDAP attribute that contains the port managed by this service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1044
+msgid "Default: ipServicePort"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1050
+msgid "ldap_service_proto (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1053
+msgid ""
+"The LDAP attribute that contains the protocols understood by this service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1057
+msgid "Default: ipServiceProtocol"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1063
+msgid "ldap_service_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1068
+msgid "ldap_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1071
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches are allowed to run "
+"before they are cancelled and cached results are returned (and offline mode "
+"is entered)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1077
+msgid ""
+"Note: this option is subject to change in future versions of the SSSD. It "
+"will likely be replaced at some point by a series of timeouts for specific "
+"lookup types."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-krb5.5.xml:226
+msgid "Default: 6"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1089
+msgid "ldap_enumeration_search_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1092
+msgid ""
+"Specifies the timeout (in seconds) that ldap searches for user and group "
+"enumerations are allowed to run before they are cancelled and cached results "
+"are returned (and offline mode is entered)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1105
+msgid "ldap_network_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1108
+msgid ""
+"Specifies the timeout (in seconds) after which the <citerefentry> "
+"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
+"<citerefentry> <refentrytitle>select</refentrytitle> <manvolnum>2</"
+"manvolnum> </citerefentry> following a <citerefentry> "
+"<refentrytitle>connect</refentrytitle> <manvolnum>2</manvolnum> </"
+"citerefentry> returns in case of no activity."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1131
+msgid "ldap_opt_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1134
+msgid ""
+"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
+"will abort if no response is received. Also controls the timeout when "
+"communicating with the KDC in case of SASL bind."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1146
+msgid "ldap_connection_expire_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1149
+msgid ""
+"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
+"maintained. After this time, the connection will be re-established. If used "
+"in parallel with SASL/GSSAPI, the sooner of the two values (this value vs. "
+"the TGT lifetime) will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+msgid "Default: 900 (15 minutes)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1163
+msgid "ldap_page_size (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1166
+msgid ""
+"Specify the number of records to retrieve from LDAP in a single request. "
+"Some LDAP servers enforce a maximum limit per-request."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1171
+msgid "Default: 1000"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1177
+msgid "ldap_disable_paging (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1180
+msgid ""
+"Disable the LDAP paging control. This option should be used if the LDAP "
+"server reports that it supports the LDAP paging control in its RootDSE but "
+"it is not enabled or does not behave properly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1186
+msgid ""
+"Example: OpenLDAP servers with the paging control module installed on the "
+"server but not enabled will report it in the RootDSE but be unable to use it."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1192
+msgid ""
+"Example: 389 DS has a bug where it can only support a one paging control at "
+"a time on a single connection. On busy clients, this can result in some "
+"requests being denied."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1204
+msgid "ldap_sasl_minssf (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1207
+msgid ""
+"When communicating with an LDAP server using SASL, specify the minimum "
+"security level necessary to establish the connection. The values of this "
+"option are defined by OpenLDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1213
+msgid "Default: Use the system default (usually specified by ldap.conf)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1220
+msgid "ldap_deref_threshold (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1223
+msgid ""
+"Specify the number of group members that must be missing from the internal "
+"cache in order to trigger a dereference lookup. If less members are missing, "
+"they are looked up individually."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1229
+msgid ""
+"You can turn off dereference lookups completely by setting the value to 0."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1233
+msgid ""
+"A dereference lookup is a means of fetching all group members in a single "
+"LDAP call. Different LDAP servers may implement different dereference "
+"methods. The currently supported servers are 389/RHDS, OpenLDAP and Active "
+"Directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1241
+msgid ""
+"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
+"filter, then the dereference lookup performance enhancement will be disabled "
+"regardless of this setting."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1254
+msgid "ldap_tls_reqcert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1257
+msgid ""
+"Specifies what checks to perform on server certificates in a TLS session, if "
+"any. It can be specified as one of the following values:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1263
+msgid ""
+"<emphasis>never</emphasis> = The client will not request or check any server "
+"certificate."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1267
+msgid ""
+"<emphasis>allow</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate "
+"is provided, it will be ignored and the session proceeds normally."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1274
+msgid ""
+"<emphasis>try</emphasis> = The server certificate is requested. If no "
+"certificate is provided, the session proceeds normally. If a bad certificate "
+"is provided, the session is immediately terminated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1280
+msgid ""
+"<emphasis>demand</emphasis> = The server certificate is requested. If no "
+"certificate is provided, or a bad certificate is provided, the session is "
+"immediately terminated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1286
+msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1290
+msgid "Default: hard"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1296
+msgid "ldap_tls_cacert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1299
+msgid ""
+"Specifies the file that contains certificates for all of the Certificate "
+"Authorities that <command>sssd</command> will recognize."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+msgid ""
+"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
+"conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1311
+msgid "ldap_tls_cacertdir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1314
+msgid ""
+"Specifies the path of a directory that contains Certificate Authority "
+"certificates in separate individual files. Typically the file names need to "
+"be the hash of the certificate followed by '.0'. If available, "
+"<command>cacertdir_rehash</command> can be used to create the correct names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1329
+msgid "ldap_tls_cert (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1332
+msgid "Specifies the file that contains the certificate for the client's key."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1342
+msgid "ldap_tls_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1345
+msgid "Specifies the file that contains the client's key."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1354
+msgid "ldap_tls_cipher_suite (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1357
+msgid ""
+"Specifies acceptable cipher suites. Typically this is a colon sperated "
+"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> for format."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1370
+msgid "ldap_id_use_start_tls (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1373
+msgid ""
+"Specifies that the id_provider connection must also use <systemitem class="
+"\"protocol\">tls</systemitem> to protect the channel."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1383
+msgid "ldap_id_mapping (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1386
+msgid ""
+"Specifies that SSSD should attempt to map user and group IDs from the "
+"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
+"on ldap_user_uid_number and ldap_group_gid_number."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1392
+msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1402
+msgid "ldap_sasl_mech (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1405
+msgid ""
+"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
+"supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1415
+msgid "ldap_sasl_authid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1418
+msgid ""
+"Specify the SASL authorization id to use. When GSSAPI is used, this "
+"represents the Kerberos principal used for authentication to the directory. "
+"This option can either contain the full principal (for example host/"
+"myhost@EXAMPLE.COM) or just the principal name (for example host/myhost)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1426
+msgid "Default: host/hostname@REALM"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1432
+msgid "ldap_sasl_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1435
+msgid ""
+"Specify the SASL realm to use. When not specified, this option defaults to "
+"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
+"well, this option is ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1441
+msgid "Default: the value of krb5_realm."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1447
+msgid "ldap_sasl_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1450
+msgid ""
+"If set to true, the LDAP library would perform a reverse lookup to "
+"canonicalize the host name during a SASL bind."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1455
+msgid "Default: false;"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1461
+msgid "ldap_krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1464
+msgid "Specify the keytab to use when using SASL/GSSAPI."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1467
+msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1473
+msgid "ldap_krb5_init_creds (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1476
+msgid ""
+"Specifies that the id_provider should init Kerberos credentials (TGT). This "
+"action is performed only if SASL is used and the mechanism selected is "
+"GSSAPI."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1488
+msgid "ldap_krb5_ticket_lifetime (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1491
+msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1495
+msgid "Default: 86400 (24 hours)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+msgid "krb5_server, krb5_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1504
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled - for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+msgid ""
+"When using service discovery for KDC or kpasswd servers, SSSD first searches "
+"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
+"none are found."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+msgid ""
+"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
+"While the legacy name is recognized for the time being, users are advised to "
+"migrate their config files to use <quote>krb5_server</quote> instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:274 sssd-krb5.5.xml:103
+msgid "krb5_realm (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1533
+msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1536
+msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:289 sssd-krb5.5.xml:418
+msgid "krb5_canonicalize (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1545
+msgid ""
+"Specifies if the host principal should be canonicalized when connecting to "
+"LDAP server. This feature is available with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1557
+msgid "ldap_pwd_policy (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1560
+msgid ""
+"Select the policy to evaluate the password expiration on the client side. "
+"The following values are allowed:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1565
+msgid ""
+"<emphasis>none</emphasis> - No evaluation on the client side. This option "
+"cannot disable server-side password policies."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1570
+msgid ""
+"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
+"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
+"evaluate if the password has expired."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1576
+msgid ""
+"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
+"to determine if the password has expired. Use chpass_provider=krb5 to update "
+"these attributes when the password is changed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1582
+msgid "Default: none"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1588
+msgid "ldap_referrals (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1591
+msgid "Specifies whether automatic referral chasing should be enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595
+msgid ""
+"Please note that sssd only supports referral chasing when it is compiled "
+"with OpenLDAP version 2.4.13 or higher."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1600
+msgid ""
+"Chasing referrals may incur a performance penalty in environments that use "
+"them heavily, a notable example is Microsoft Active Directory. If your setup "
+"does not in fact require the use of referrals, setting this option to false "
+"might bring a noticeable performance improvement."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1614
+msgid "ldap_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1617
+msgid "Specifies the service name to use when service discovery is enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1621
+msgid "Default: ldap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1627
+msgid "ldap_chpass_dns_service_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1630
+msgid ""
+"Specifies the service name to use to find an LDAP server which allows "
+"password changes when service discovery is enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1635
+msgid "Default: not set, i.e. service discovery is disabled"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1641
+msgid "ldap_chpass_update_last_change (bool)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1644
+msgid ""
+"Specifies whether to update the ldap_user_shadow_last_change attribute with "
+"days since the Epoch after a password change operation."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1656
+msgid "ldap_access_filter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1659
+msgid ""
+"If using access_provider = ldap and ldap_access_order = filter (default), "
+"this option is mandatory. It specifies an LDAP search filter criteria that "
+"must be met for the user to be granted access on this host. If "
+"access_provider = ldap, ldap_access_order = filter and this option is not "
+"set, it will result in all users being denied access. Use access_provider = "
+"permit to change this default behavior."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+msgid "Example:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:1674
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1678
+msgid ""
+"This example means that access to this host is restricted to members of the "
+"\"allowedusers\" group in ldap."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1683
+msgid ""
+"Offline caching for this feature is limited to determining whether the "
+"user's last online login was granted access permission. If they were granted "
+"access during their last login, they will continue to be granted access "
+"while offline and vice-versa."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+msgid "Default: Empty"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1697
+msgid "ldap_account_expire_policy (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1700
+msgid ""
+"With this option a client side evaluation of access control attributes can "
+"be enabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1704
+msgid ""
+"Please note that it is always recommended to use server side access control, "
+"i.e. the LDAP server should deny the bind request with a suitable error code "
+"even if the password is correct."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1711
+msgid "The following values are allowed:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1714
+msgid ""
+"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
+"determine if the account is expired."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1719
+msgid ""
+"<emphasis>ad</emphasis>: use the value of the 32bit field "
+"ldap_user_ad_user_account_control and allow access if the second bit is not "
+"set. If the attribute is missing access is granted. Also the expiration time "
+"of the account is checked."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1726
+msgid ""
+"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
+"emphasis>: use the value of ldap_ns_account_lock to check if access is "
+"allowed or not."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1732
+msgid ""
+"<emphasis>nds</emphasis>: the values of "
+"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
+"ldap_user_nds_login_expiration_time are used to check if access is allowed. "
+"If both attributes are missing access is granted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1747
+msgid "ldap_access_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1750
+msgid "Comma separated list of access control options. Allowed values are:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1754
+msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1757
+msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1761
+msgid ""
+"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
+"to determine access"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1766
+msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1770
+msgid "Default: filter"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1773
+msgid ""
+"Please note that it is a configuration error if a value is used more than "
+"once."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1780
+msgid "ldap_deref (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1783
+msgid ""
+"Specifies how alias dereferencing is done when performing a search. The "
+"following options are allowed:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1788
+msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1792
+msgid ""
+"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
+"the base object, but not in locating the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1797
+msgid ""
+"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
+"the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1802
+msgid ""
+"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
+"in locating the base object of the search."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1807
+msgid ""
+"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
+"client libraries)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1815
+msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1818
+msgid ""
+"Allows to retain local users as members of an LDAP group for servers that "
+"use the RFC2307 schema."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1822
+msgid ""
+"In some environments where the RFC2307 schema is used, local users are made "
+"members of LDAP groups by adding their names to the memberUid attribute. "
+"The self-consistency of the domain is compromised when this is done, so SSSD "
+"would normally remove the \"missing\" users from the cached group "
+"memberships as soon as nsswitch tries to fetch information about the user "
+"via getpw*() or initgroups() calls."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1833
+msgid ""
+"This option falls back to checking if local users are referenced, and caches "
+"them so that later initgroups() calls will augment the local users with the "
+"additional LDAP groups."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:51
+msgid ""
+"All of the common configuration options that apply to SSSD domains also "
+"apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section "
+"of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for full details. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:1849
+msgid "SUDO OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1853
+msgid "ldap_sudorule_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1856
+msgid "The object class of a sudo rule entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1859
+msgid "Default: sudoRole"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1865
+msgid "ldap_sudorule_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1868
+msgid "The LDAP attribute that corresponds to the sudo rule name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1878
+msgid "ldap_sudorule_command (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1881
+msgid "The LDAP attribute that corresponds to the command name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1885
+msgid "Default: sudoCommand"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1891
+msgid "ldap_sudorule_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1894
+msgid ""
+"The LDAP attribute that corresponds to the host name (or host IP address, "
+"host IP network, or host netgroup)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1899
+msgid "Default: sudoHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1905
+msgid "ldap_sudorule_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1908
+msgid ""
+"The LDAP attribute that corresponds to the user name (or UID, group name or "
+"user's netgroup)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1912
+msgid "Default: sudoUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1918
+msgid "ldap_sudorule_option (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1921
+msgid "The LDAP attribute that corresponds to the sudo options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1925
+msgid "Default: sudoOption"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1931
+msgid "ldap_sudorule_runasuser (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1934
+msgid ""
+"The LDAP attribute that corresponds to the user name that commands may be "
+"run as."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1938
+msgid "Default: sudoRunAsUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1944
+msgid "ldap_sudorule_runasgroup (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1947
+msgid ""
+"The LDAP attribute that corresponds to the group name or group GID that "
+"commands may be run as."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1951
+msgid "Default: sudoRunAsGroup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1957
+msgid "ldap_sudorule_notbefore (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1960
+msgid ""
+"The LDAP attribute that corresponds to the start date/time for when the sudo "
+"rule is valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1964
+msgid "Default: sudoNotBefore"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1970
+msgid "ldap_sudorule_notafter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1973
+msgid ""
+"The LDAP attribute that corresponds to the expiration date/time, after which "
+"the sudo rule will no longer be valid."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1978
+msgid "Default: sudoNotAfter"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1984
+msgid "ldap_sudorule_order (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1987
+msgid "The LDAP attribute that corresponds to the ordering index of the rule."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1991
+msgid "Default: sudoOrder"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1997
+msgid "ldap_sudo_full_refresh_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2000
+msgid ""
+"How many seconds SSSD will wait between executing a full refresh of sudo "
+"rules (which downloads all rules that are stored on the server)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2005
+msgid ""
+"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
+"emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2010
+msgid "Default: 21600 (6 hours)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2016
+msgid "ldap_sudo_smart_refresh_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2019
+msgid ""
+"How many seconds SSSD has to wait before executing a smart refresh of sudo "
+"rules (which downloads all rules that have USN higher than the highest USN "
+"of cached rules)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2025
+msgid ""
+"If USN attributes are not supported by the server, the modifyTimestamp "
+"attribute is used instead."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2035
+msgid "ldap_sudo_use_host_filter (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2038
+msgid ""
+"If true, SSSD will download only rules that are applicable to this machine "
+"(using the IPv4 or IPv6 host/network addresses and hostnames)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2049
+msgid "ldap_sudo_hostnames (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2052
+msgid ""
+"Space separated list of hostnames or fully qualified domain names that "
+"should be used to filter the rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2057
+msgid ""
+"If this option is empty, SSSD will try to discover the hostname and the "
+"fully qualified domain name automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
+#: sssd-ldap.5.xml:2121
+msgid ""
+"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
+"emphasis> then this option has no effect."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+msgid "Default: not specified"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2073
+msgid "ldap_sudo_ip (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2076
+msgid ""
+"Space separated list of IPv4 or IPv6 host/network addresses that should be "
+"used to filter the rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2081
+msgid ""
+"If this option is empty, SSSD will try to discover the addresses "
+"automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2096
+msgid "ldap_sudo_include_netgroups (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2099
+msgid ""
+"If true then SSSD will download every rule that contains a netgroup in "
+"sudoHost attribute."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2114
+msgid "ldap_sudo_include_regexp (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2117
+msgid ""
+"If true then SSSD will download every rule that contains a wildcard in "
+"sudoHost attribute."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:1851
+msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2133
+msgid ""
+"This manual page only describes attribute name mapping. For detailed "
+"explanation of sudo related attribute semantics, see <citerefentry> "
+"<refentrytitle>sudoers.ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2143
+msgid "AUTOFS OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2145
+msgid ""
+"Please note that the default values correspond to the default schema which "
+"is RFC2307."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2151
+msgid "ldap_autofs_map_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+msgid "The object class of an automount map entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+msgid "Default: automountMap"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2164
+msgid "ldap_autofs_map_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2167
+msgid "The name of an automount map entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2170
+msgid "Default: ou"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2177
+msgid "ldap_autofs_entry_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2191
+msgid "ldap_autofs_entry_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+msgid ""
+"The key of an automount entry in LDAP. The entry usually corresponds to a "
+"mount point."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2205
+msgid "ldap_autofs_entry_value (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2212
+msgid "Default: automountInformation"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2149
+msgid ""
+"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
+"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
+"<placeholder type=\"variablelist\" id=\"3\"/> <placeholder type="
+"\"variablelist\" id=\"4\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2222
+msgid "ADVANCED OPTIONS"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2229
+msgid "ldap_netgroup_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2234
+msgid "ldap_user_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2239
+msgid "ldap_group_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2244
+msgid "ldap_user_search_filter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2247
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict user searches."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2251
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_user_search_base."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
+#: sssd-ldap.5.xml:2261
+#, no-wrap
+msgid ""
+" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2264
+msgid ""
+"This filter would restrict user searches to users that have their shell set "
+"to /bin/tcsh."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2271
+msgid "ldap_group_search_filter (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2274
+msgid ""
+"This option specifies an additional LDAP search filter criteria that "
+"restrict group searches."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:2278
+msgid ""
+"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
+"by ldap_group_search_base."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2288
+msgid "ldap_sudo_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:2293
+msgid "ldap_autofs_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2224
+msgid ""
+"These options are supported by LDAP domains, but they should be used with "
+"caution. Please include them in your configuration only if you know what you "
+"are doing. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2310
+msgid ""
+"The following example assumes that SSSD is correctly configured and LDAP is "
+"set to one of the domains in the <replaceable>[domains]</replaceable> "
+"section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ldap.5.xml:2316
+#, no-wrap
+msgid ""
+" [domain/LDAP]\n"
+" id_provider = ldap\n"
+" auth_provider = ldap\n"
+" ldap_uri = ldap://ldap.mydomain.org\n"
+" ldap_search_base = dc=mydomain,dc=org\n"
+" ldap_tls_reqcert = demand\n"
+" cache_credentials = true\n"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:651
+#: sssd-ad.5.xml:237 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99
+#: sssd-krb5.5.xml:450 include/ldap_id_mapping.xml:63
+msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:252
+#: sss_seed.8.xml:163
+msgid "NOTES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ldap.5.xml:2330
+msgid ""
+"The descriptions of some of the configuration options in this manual page "
+"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page from the OpenLDAP 2.4 "
+"distribution."
+msgstr ""
+
+#. type: Content of: <refentryinfo>
+#: pam_sss.8.xml:8 include/upstream.xml:2
+msgid ""
+"<productname>SSSD</productname> <orgname>The SSSD upstream - http://"
+"fedorahosted.org/sssd</orgname>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: pam_sss.8.xml:13 pam_sss.8.xml:18
+msgid "pam_sss"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: pam_sss.8.xml:19
+msgid "PAM module for SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: pam_sss.8.xml:24
+msgid ""
+"<command>pam_sss.so</command> <arg choice='opt'> <replaceable>quiet</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>forward_pass</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>use_first_pass</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>use_authtok</"
+"replaceable> </arg> <arg choice='opt'> <replaceable>retry=N</replaceable> </"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:45
+msgid ""
+"<command>pam_sss.so</command> is the PAM interface to the System Security "
+"Services daemon (SSSD). Errors and results are logged through <command>syslog"
+"(3)</command> with the LOG_AUTHPRIV facility."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:55
+msgid "<option>quiet</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:58
+msgid "Suppress log messages for unknown users."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:63
+msgid "<option>forward_pass</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:66
+msgid ""
+"If <option>forward_pass</option> is set the entered password is put on the "
+"stack for other PAM modules to use."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:73
+msgid "<option>use_first_pass</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:76
+msgid ""
+"The argument use_first_pass forces the module to use a previous stacked "
+"modules password and will never prompt the user - if no password is "
+"available or the password is not appropriate, the user will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:84
+msgid "<option>use_authtok</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:87
+msgid ""
+"When password changing enforce the module to set the new password to the one "
+"provided by a previously stacked password module."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: pam_sss.8.xml:94
+msgid "<option>retry=N</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:97
+msgid ""
+"If specified the user is asked another N times for a password if "
+"authentication fails. Default is 0."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: pam_sss.8.xml:99
+msgid ""
+"Please note that this option might not work as expected if the application "
+"calling PAM handles the user dialog on its own. A typical example is "
+"<command>sshd</command> with <option>PasswordAuthentication</option>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:110
+msgid "MODULE TYPES PROVIDED"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:111
+msgid ""
+"All module types (<option>account</option>, <option>auth</option>, "
+"<option>password</option> and <option>session</option>) are provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: pam_sss.8.xml:117
+msgid "FILES"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:118
+msgid ""
+"If a password reset by root fails, because the corresponding SSSD provider "
+"does not support password resets, an individual message can be displayed. "
+"This message can e.g. contain instructions about how to reset a password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:123
+msgid ""
+"The message is read from the file <filename>pam_sss_pw_reset_message.LOC</"
+"filename> where LOC stands for a locale string returned by <citerefentry> "
+"<refentrytitle>setlocale</refentrytitle><manvolnum>3</manvolnum> </"
+"citerefentry>. If there is no matching file the content of "
+"<filename>pam_sss_pw_reset_message.txt</filename> is displayed. Root must be "
+"the owner of the files and only root may have read and write permissions "
+"while all other users must have only read permissions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: pam_sss.8.xml:133
+msgid ""
+"These files are searched in the directory <filename>/etc/sssd/customize/"
+"DOMAIN_NAME/</filename>. If no matching file is present a generic message is "
+"displayed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15
+msgid "sssd_krb5_locator_plugin"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:22
+msgid ""
+"The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is "
+"used by the Kerberos provider of <citerefentry> <refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> to tell the Kerberos "
+"libraries what Realm and which KDC to use. Typically this is done in "
+"<citerefentry> <refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> which is always read by the Kerberos libraries. "
+"To simplify the configuration the Realm and the KDC can be defined in "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> as described in <citerefentry> "
+"<refentrytitle>sssd-krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:48
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry> puts the Realm and the name or IP address of the KDC into "
+"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. "
+"When <command>sssd_krb5_locator_plugin</command> is called by the kerberos "
+"libraries it reads and evaluates these variables and returns them to the "
+"libraries."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:63
+msgid ""
+"Not all Kerberos implementations support the use of plugins. If "
+"<command>sssd_krb5_locator_plugin</command> is not available on your system "
+"you have to edit /etc/krb5.conf to reflect your Kerberos setup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd_krb5_locator_plugin.8.xml:69
+msgid ""
+"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value "
+"debug messages will be sent to stderr."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-simple.5.xml:10 sssd-simple.5.xml:16
+msgid "sssd-simple"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-simple.5.xml:17
+msgid "the configuration file for SSSD's 'simple' access-control provider"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:24
+msgid ""
+"This manual page describes the configuration of the simple access-control "
+"provider for <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry>. For a detailed syntax reference, "
+"refer to the <quote>FILE FORMAT</quote> section of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:38
+msgid ""
+"The simple access provider grants or denies access based on an access or "
+"deny list of user or group names. The following rules apply:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:43
+msgid "If all lists are empty, access is granted"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:47
+msgid ""
+"If any list is provided, the order of evaluation is allow,deny. This means "
+"that any matching deny rule will supersede any matched allow rule."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:54
+msgid ""
+"If either or both \"allow\" lists are provided, all users are denied unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para>
+#: sssd-simple.5.xml:60
+msgid ""
+"If only \"deny\" lists are provided, all users are granted access unless "
+"they appear in the list."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:78
+msgid "simple_allow_users (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:81
+msgid "Comma separated list of users who are allowed to log in."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:88
+msgid "simple_deny_users (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:91
+msgid "Comma separated list of users who are explicitly denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:97
+msgid "simple_allow_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:100
+msgid ""
+"Comma separated list of groups that are allowed to log in. This applies only "
+"to groups within this SSSD domain. Local groups are not evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-simple.5.xml:108
+msgid "simple_deny_groups (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-simple.5.xml:111
+msgid ""
+"Comma separated list of groups that are explicitly denied access. This "
+"applies only to groups within this SSSD domain. Local groups are not "
+"evaluated."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:70 sssd-ipa.5.xml:71 sssd-ad.5.xml:76
+msgid ""
+"Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> "
+"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> manual page for details on the configuration of an SSSD "
+"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:120
+msgid ""
+"Specifying no values for any of the lists is equivalent to skipping it "
+"entirely. Beware of this while generating parameters for the simple provider "
+"using automated scripts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:125
+msgid ""
+"Please note that it is an configuration error if both, simple_allow_users "
+"and simple_deny_users, are defined."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-simple.5.xml:133
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This examples shows only the simple access provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-simple.5.xml:140
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" access_provider = simple\n"
+" simple_allow_users = user1, user2\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16
+msgid "sssd-ipa"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:23
+msgid ""
+"This manual page describes the configuration of the IPA provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:36
+msgid ""
+"The IPA provider is a back end used to connect to an IPA server. (Refer to "
+"the freeipa.org web site for information about IPA servers.) This provider "
+"requires that the machine be joined to the IPA domain; configuration is "
+"almost entirely self-discovered and obtained directly from the server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:43
+msgid ""
+"The IPA provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
+"provider with some exceptions described below."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:55
+msgid ""
+"However, it is neither necessary nor recommended to set these options. IPA "
+"provider can also be used as an access and chpass provider. As an access "
+"provider it uses HBAC (host-based access control) rules. Please refer to "
+"freeipa.org for more information about HBAC. No configuration of access "
+"provider is required on the client side."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:62
+msgid ""
+"The IPA provider will use the PAC responder if the Kerberos tickets of users "
+"from trusted realms contain a PAC. To make configuration easier the PAC "
+"responder is started automatically if the IPA ID provider is configured."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:78
+msgid "ipa_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:81
+msgid ""
+"Specifies the name of the IPA domain. This is optional. If not provided, "
+"the configuration domain name is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:89
+msgid "ipa_server, ipa_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:92
+msgid ""
+"The comma-separated list of IP addresses or hostnames of the IPA servers to "
+"which SSSD should connect in the order of preference. For more information "
+"on failover and server redundancy, see the <quote>FAILOVER</quote> section. "
+"This is optional if autodiscovery is enabled. For more information on "
+"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:105
+msgid "ipa_hostname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:108
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the IPA domain to identify this host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:116
+msgid "ipa_dyndns_update (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:119
+msgid ""
+"Optional. This option tells SSSD to automatically update the DNS server "
+"built into FreeIPA v2 with the IP address of this client."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:124
+msgid ""
+"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
+"the default Kerberos realm must be set properly in /etc/krb5.conf"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:135
+msgid "ipa_dyndns_ttl (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:138
+msgid ""
+"The TTL to apply to the client DNS record when updating it. If "
+"ipa_dyndns_update is false this has no effect. This will override the TTL "
+"serverside if set by an administrator."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:143
+msgid "Default: 1200 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:149
+msgid "ipa_dyndns_iface (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:152
+msgid ""
+"Optional. Applicable only when ipa_dyndns_update is true. Choose the "
+"interface whose IP address should be used for dynamic DNS updates."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:157
+msgid "Default: Use the IP address of the IPA LDAP connection"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:163
+msgid "ipa_hbac_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:166
+msgid "Optional. Use the given string as search base for HBAC related objects."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:170
+msgid "Default: Use base DN"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:176
+msgid "ipa_host_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:179
+msgid "Optional. Use the given string as search base for host objects."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:183 sssd-ipa.5.xml:207 sssd-ipa.5.xml:226 sssd-ipa.5.xml:245
+msgid ""
+"See <quote>ldap_search_base</quote> for information about configuring "
+"multiple search bases."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:188
+msgid ""
+"If filter is given in any of search bases and "
+"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
+"will be ignored."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: sssd-ipa.5.xml:193 sssd-ipa.5.xml:212 include/ldap_search_bases.xml:23
+#: include/ldap_search_bases_experimental.xml:23
+msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:200
+msgid "ipa_selinux_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:203
+msgid "Optional. Use the given string as search base for SELinux user maps."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:219
+msgid "ipa_subdomains_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:222
+msgid "Optional. Use the given string as search base for trusted domains."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:231
+msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:238
+msgid "ipa_master_domain_search_base (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:241
+msgid "Optional. Use the given string as search base for master domain object."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:250
+msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:257 sssd-krb5.5.xml:232
+msgid "krb5_validate (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:260
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:267
+msgid ""
+"Note that this default differs from the traditional Kerberos provider back "
+"end."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:277
+msgid ""
+"The name of the Kerberos realm. This is optional and defaults to the value "
+"of <quote>ipa_domain</quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:281
+msgid ""
+"The name of the Kerberos realm has a special meaning in IPA - it is "
+"converted into the base DN to use for performing LDAP operations."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:292
+msgid ""
+"Specifies if the host and user principal should be canonicalized when "
+"connecting to IPA LDAP and also for AS requests. This feature is available "
+"with MIT Kerberos >= 1.7"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:305
+msgid "ipa_hbac_refresh (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:308
+msgid ""
+"The amount of time between lookups of the HBAC rules against the IPA server. "
+"This will reduce the latency and load on the IPA server if there are many "
+"access-control requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:315 sssd-ipa.5.xml:331
+msgid "Default: 5 (seconds)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:321
+msgid "ipa_hbac_selinux (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:324
+msgid ""
+"The amount of time between lookups of the SELinux maps against the IPA "
+"server. This will reduce the latency and load on the IPA server if there are "
+"many user login requests made in a short period."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:337
+msgid "ipa_hbac_treat_deny_as (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:340
+msgid ""
+"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
+"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
+"of FreeIPA will need to migrate their rules to use only the ALLOW rules. The "
+"client will support two modes of operation during this transition period:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:349
+msgid ""
+"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
+"users will be denied access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:354
+msgid ""
+"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
+"careful with this option, as it may result in opening unintended access."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:359
+msgid "Default: DENY_ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:364
+msgid "ipa_hbac_support_srchost (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:367
+msgid ""
+"If this is set to false, then srchost as given to SSSD by PAM will be "
+"ignored."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:371
+msgid ""
+"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
+"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:382
+msgid "ipa_automount_location (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:385
+msgid "The automounter location this IPA client will be using"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:388
+msgid "Default: The location named \"default\""
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:395
+msgid "ipa_netgroup_member_of (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:398
+msgid "The LDAP attribute that lists netgroup's memberships."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:407
+msgid "ipa_netgroup_member_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:410
+msgid ""
+"The LDAP attribute that lists system users and groups that are direct "
+"members of the netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:415 sssd-ipa.5.xml:510
+msgid "Default: memberUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:420
+msgid "ipa_netgroup_member_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:423
+msgid ""
+"The LDAP attribute that lists hosts and host groups that are direct members "
+"of the netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:427 sssd-ipa.5.xml:522
+msgid "Default: memberHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:432
+msgid "ipa_netgroup_member_ext_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:435
+msgid ""
+"The LDAP attribute that lists FQDNs of hosts and host groups that are "
+"members of the netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:439
+msgid "Default: externalHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:444
+msgid "ipa_netgroup_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:447
+msgid "The LDAP attribute that contains NIS domain name of the netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:451
+msgid "Default: nisDomainName"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:457
+msgid "ipa_host_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:460 sssd-ipa.5.xml:483
+msgid "The object class of a host entry in LDAP."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:463 sssd-ipa.5.xml:486
+msgid "Default: ipaHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:468
+msgid "ipa_host_fqdn (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:471
+msgid "The LDAP attribute that contains FQDN of the host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:474
+msgid "Default: fqdn"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:480
+msgid "ipa_selinux_usermap_object_class (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:491
+msgid "ipa_selinux_usermap_name (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:494
+msgid "The LDAP attribute that contains the name of SELinux usermap."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:503
+msgid "ipa_selinux_usermap_member_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:506
+msgid ""
+"The LDAP attribute that contains all users / groups this rule match against."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:515
+msgid "ipa_selinux_usermap_member_host (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:518
+msgid ""
+"The LDAP attribute that contains all hosts / hostgroups this rule match "
+"against."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:527
+msgid "ipa_selinux_usermap_see_also (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:530
+msgid ""
+"The LDAP attribute that contains DN of HBAC rule which can be used for "
+"matching instead of memberUser and memberHost"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:535
+msgid "Default: seeAlso"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:540
+msgid "ipa_selinux_usermap_selinux_user (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:543
+msgid "The LDAP attribute that contains SELinux user string itself."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:547
+msgid "Default: ipaSELinuxUser"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:552
+msgid "ipa_selinux_usermap_enabled (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:555
+msgid ""
+"The LDAP attribute that contains whether or not is user map enabled for "
+"usage."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:559
+msgid "Default: ipaEnabledFlag"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:564
+msgid "ipa_selinux_usermap_user_category (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:567
+msgid "The LDAP attribute that contains user category such as 'all'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:571
+msgid "Default: userCategory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:576
+msgid "ipa_selinux_usermap_host_category (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:579
+msgid "The LDAP attribute that contains host category such as 'all'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:583
+msgid "Default: hostCategory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:588
+msgid "ipa_selinux_usermap_uuid (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:591
+msgid "The LDAP attribute that contains unique ID of the user map."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:595
+msgid "Default: ipaUniqueID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ipa.5.xml:600
+msgid "ipa_host_ssh_public_key (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:603
+msgid "The LDAP attribute that contains the host's SSH public keys."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ipa.5.xml:607
+msgid "Default: ipaSshPubKey"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-ipa.5.xml:616
+msgid "SUBDOMAINS PROVIDER"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:618
+msgid ""
+"The IPA subdomains provider behaves slightly differently if it is configured "
+"explicitly or implicitly."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:622
+msgid ""
+"If the option 'subdomains_provider = ipa' is found in the domain section of "
+"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
+"subdomain requests are sent to the IPA server if necessary."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:628
+msgid ""
+"If the option 'subdomains_provider' is not set in the domain section of sssd."
+"conf but there is the option 'id_provider = ipa', the IPA subdomains "
+"provider is configured implictly. In this case, if a subdomain request fails "
+"and indicates that the server does not support subdomains, i.e. is not "
+"configured for trusts, the IPA subdomains provider is disabled. After an "
+"hour or after the IPA provider goes online, the subdomains provider is "
+"enabled again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ipa.5.xml:645
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This examples shows only the ipa provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ipa.5.xml:652
+#, no-wrap
+msgid ""
+" [domain/example.com]\n"
+" id_provider = ipa\n"
+" ipa_server = ipaserver.example.com\n"
+" ipa_hostname = myhost.example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-ad.5.xml:10 sssd-ad.5.xml:16
+msgid "sssd-ad"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:23
+msgid ""
+"This manual page describes the configuration of the AD provider for "
+"<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> "
+"</citerefentry>. For a detailed syntax reference, refer to the <quote>FILE "
+"FORMAT</quote> section of the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:36
+msgid ""
+"The AD provider is a back end used to connect to an Active Directory server. "
+"This provider requires that the machine be joined to the AD domain and a "
+"keytab is available."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:41
+msgid ""
+"The AD provider supports connecting to Active Directory 2008 R2 or later. "
+"Earlier versions may work, but are unsupported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:45
+msgid ""
+"The AD provider accepts the same options used by the <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> identity provider and the <citerefentry> <refentrytitle>sssd-"
+"krb5</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> authentication "
+"provider with some exceptions described below."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:57
+msgid ""
+"However, it is neither necessary nor recommended to set these options. The "
+"AD provider can also be used as an access and chpass provider. No "
+"configuration of the access provider is required on the client side."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:69
+#, no-wrap
+msgid ""
+"ldap_id_mapping = False\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:63
+msgid ""
+"By default, the AD provider will map UID and GID values from the objectSID "
+"parameter in Active Directory. For details on this, see the <quote>ID "
+"MAPPING</quote> section below. If you want to disable ID mapping and instead "
+"rely on POSIX attributes defined in Active Directory, you should set "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:83
+msgid "ad_domain (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:86
+msgid ""
+"Specifies the name of the Active Directory domain. This is optional. If not "
+"provided, the configuration domain name is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:91
+msgid ""
+"For proper operation, this option should be specified as the lower-case "
+"version of the long version of the Active Directory domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:99
+msgid "ad_server, ad_backup_server (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:102
+msgid ""
+"The comma-separated list of IP addresses or hostnames of the AD servers to "
+"which SSSD should connect in order of preference. For more information on "
+"failover and server redundancy, see the <quote>FAILOVER</quote> section. "
+"This is optional if autodiscovery is enabled. For more information on "
+"service discovery, refer to the <quote>SERVICE DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:115
+msgid "ad_hostname (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:118
+msgid ""
+"Optional. May be set on machines where the hostname(5) does not reflect the "
+"fully qualified name used in the Active Directory domain to identify this "
+"host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:124
+msgid ""
+"This field is used to determine the host principal in use in the keytab. It "
+"must match the hostname for which the keytab was issued."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting>
+#: sssd-ad.5.xml:193
+#, no-wrap
+msgid ""
+"fallback_homedir = /home/%u\n"
+" "
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:231
+msgid ""
+"The following example assumes that SSSD is correctly configured and example."
+"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
+"This example shows only the AD provider-specific options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:238
+#, no-wrap
+msgid ""
+"[domain/EXAMPLE]\n"
+"id_provider = ad\n"
+"auth_provider = ad\n"
+"access_provider = ad\n"
+"chpass_provider = ad\n"
+"\n"
+"ad_server = dc1.example.com\n"
+"ad_hostname = client.example.com\n"
+"ad_domain = example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-ad.5.xml:258
+#, no-wrap
+msgid ""
+"access_provider = ldap\n"
+"ldap_access_order = expire\n"
+"ldap_account_expire_policy = ad\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-ad.5.xml:254
+msgid ""
+"The AD access control provider checks if the account is expired. It has the "
+"same effect as the following configuration of the LDAP provider: "
+"<placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16
+msgid "sssd-sudo"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd-sudo.5.xml:17
+msgid "Configuring sudo with the SSSD back end"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:23
+msgid ""
+"This manual page describes how to configure <citerefentry> "
+"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> "
+"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:36
+msgid "Configuring sudo to cooperate with SSSD"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:38
+msgid ""
+"To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to "
+"the <emphasis>sudoers</emphasis> entry in <citerefentry> "
+"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:47
+msgid ""
+"For example, to configure sudo to first lookup rules in the standard "
+"<citerefentry> <refentrytitle>sudoers</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> file (which should contain rules that apply to "
+"local users) and then in SSSD, the nsswitch.conf file should contain the "
+"following line:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-sudo.5.xml:57
+#, no-wrap
+msgid "sudoers: files sss\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:61
+msgid ""
+"More information about configuring the sudoers search order from the "
+"nsswitch.conf file as well as information about the LDAP schema that is used "
+"to store sudo rules in the directory can be found in <citerefentry> "
+"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:72
+msgid "Configuring SSSD to fetch sudo rules"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:74
+msgid ""
+"The following example shows how to configure SSSD to download sudo rules "
+"from an LDAP server."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-sudo.5.xml:79
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ldap\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:92
+msgid ""
+"The following example illustrates setting up SSSD to download sudo rules "
+"from an IPA server. It is necessary to use the LDAP provider and set "
+"appropriate connection parameters to authenticate correctly against the IPA "
+"server, because SSSD does not have native support of IPA provider for sudo "
+"yet."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-sudo.5.xml:100
+#, no-wrap
+msgid ""
+"[sssd]\n"
+"config_file_version = 2\n"
+"services = nss, pam, sudo\n"
+"domains = EXAMPLE\n"
+"\n"
+"[domain/EXAMPLE]\n"
+"id_provider = ipa\n"
+"ipa_domain = example.com\n"
+"ipa_server = ipa.example.com\n"
+"ldap_tls_cacert = /etc/ipa/ca.crt\n"
+"\n"
+"sudo_provider = ldap\n"
+"ldap_uri = ldap://ipa.example.com\n"
+"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
+"ldap_sasl_mech = GSSAPI\n"
+"ldap_sasl_authid = host/hostname.example.com\n"
+"ldap_sasl_realm = EXAMPLE.COM\n"
+"krb5_server = ipa.example.com\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd-sudo.5.xml:123
+msgid "The SUDO rule caching mechanism"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:125
+msgid ""
+"The biggest challenge, when developing sudo support in SSSD, was to ensure "
+"that running sudo with SSSD as the data source provides the same user "
+"experience and is as fast as sudo but keeps providing the most current set "
+"of rules as possible. To satisfy these requirements, SSSD uses three kinds "
+"of updates. They are referred to as full refresh, smart refresh and rules "
+"refresh."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:133
+msgid ""
+"The <emphasis>smart refresh</emphasis> periodically downloads rules that are "
+"new or were modified after the last update. Its primary goal is to keep the "
+"database growing by fetching only small increments that do not generate "
+"large amounts of network traffic."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:139
+msgid ""
+"The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored "
+"in the cache and replaces them with all rules that are stored on the server. "
+"This is used to keep the cache consistent by removing every rule which was "
+"deleted from the server. However, full refresh may produce a lot of traffic "
+"and thus it should be run only occasionally depending on the size and "
+"stability of the sudo rules."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:147
+msgid ""
+"The <emphasis>rules refresh</emphasis> ensures that we do not grant the user "
+"more permission than defined. It is triggered each time the user runs sudo. "
+"Rules refresh will find all rules that apply to this user, check their "
+"expiration time and redownload them if expired. In the case that any of "
+"these rules are missing on the server, the SSSD will do an out of band full "
+"refresh because more rules (that apply to other users) may have been deleted."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:156
+msgid ""
+"If enabled, SSSD will store only rules that can be applied to this machine. "
+"This means rules that contain one of the following values in "
+"<emphasis>sudoHost</emphasis> attribute:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:163
+msgid "keyword ALL"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:168
+msgid "wildcard"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:173
+msgid "netgroup (in the form \"+netgroup\")"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:178
+msgid "hostname or fully qualified domain name of this machine"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:183
+msgid "one of the IP addresses of this machine"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para>
+#: sssd-sudo.5.xml:188
+msgid "one of the IP addresses of the network (in the form \"address/mask\")"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-sudo.5.xml:194
+msgid ""
+"There are many configuration options that can be used to adjust the "
+"behavior. Please refer to \"ldap_sudo_*\" in <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> and \"sudo_*\" in <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd.8.xml:10 sssd.8.xml:15
+msgid "sssd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sssd.8.xml:16
+msgid "System Security Services Daemon"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sssd.8.xml:21
+msgid ""
+"<command>sssd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd.8.xml:31
+msgid ""
+"<command>SSSD</command> provides a set of daemons to manage access to remote "
+"directories and authentication mechanisms. It provides an NSS and PAM "
+"interface toward the system and a pluggable backend system to connect to "
+"multiple different account sources as well as D-Bus interface. It is also "
+"the basis to provide client auditing and policy services for projects like "
+"FreeIPA. It provides a more robust database to store local users as well as "
+"extended user data."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:46
+msgid ""
+"<option>-d</option>,<option>--debug-level</option> <replaceable>LEVEL</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:53
+msgid "<option>--debug-timestamps=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:57
+msgid "<emphasis>1</emphasis>: Add a timestamp to the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:60
+msgid "<emphasis>0</emphasis>: Disable timestamp in the debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:69
+msgid "<option>--debug-microseconds=</option><replaceable>mode</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:73
+msgid ""
+"<emphasis>1</emphasis>: Add microseconds to the timestamp in debug messages"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:76
+msgid "<emphasis>0</emphasis>: Disable microseconds in timestamp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:85
+msgid "<option>-f</option>,<option>--debug-to-files</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:89
+msgid ""
+"Send the debug output to files instead of stderr. By default, the log files "
+"are stored in <filename>/var/log/sssd</filename> and there are separate log "
+"files for every SSSD service and domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:97
+msgid "<option>-D</option>,<option>--daemon</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:101
+msgid "Become a daemon after starting up."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:107 sss_seed.8.xml:136
+msgid "<option>-i</option>,<option>--interactive</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:111
+msgid "Run in the foreground, don't become a daemon."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:117 sss_debuglevel.8.xml:42
+msgid "<option>-c</option>,<option>--config</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:121 sss_debuglevel.8.xml:46
+msgid ""
+"Specify a non-default config file. The default is <filename>/etc/sssd/sssd."
+"conf</filename>. For reference on the config file syntax and options, "
+"consult the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> "
+"<manvolnum>5</manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:135
+msgid "<option>--version</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:139
+msgid "Print version number and exit."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><title>
+#: sssd.8.xml:147
+msgid "Signals"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:150
+msgid "SIGTERM/SIGINT"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:153
+msgid ""
+"Informs the SSSD to gracefully terminate all of its child processes and then "
+"shut down the monitor."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:159
+msgid "SIGHUP"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:162
+msgid ""
+"Tells the SSSD to stop writing to its current debug file descriptors and to "
+"close and reopen them. This is meant to facilitate log rolling with programs "
+"like logrotate."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:170
+msgid "SIGUSR1"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:173
+msgid ""
+"Tells the SSSD to simulate offline operation for one minute. This is mostly "
+"useful for testing purposes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sssd.8.xml:179
+msgid "SIGUSR2"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sssd.8.xml:182
+msgid ""
+"Tells the SSSD to go online immediately. This is mostly useful for testing "
+"purposes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15
+msgid "sss_obfuscate"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_obfuscate.8.xml:16
+msgid "obfuscate a clear text password"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_obfuscate.8.xml:21
+msgid ""
+"<command>sss_obfuscate</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>[PASSWORD]</"
+"replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:32
+msgid ""
+"<command>sss_obfuscate</command> converts a given password into human-"
+"unreadable format and places it into appropriate domain section of the SSSD "
+"config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:37
+msgid ""
+"The cleartext password is read from standard input or entered "
+"interactively. The obfuscated password is put into "
+"<quote>ldap_default_authtok</quote> parameter of a given SSSD domain and the "
+"<quote>ldap_default_authtok_type</quote> parameter is set to "
+"<quote>obfuscated_password</quote>. Refer to <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> for more details on these parameters."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_obfuscate.8.xml:49
+msgid ""
+"Please note that obfuscating the password provides <emphasis>no real "
+"security benefit</emphasis> as it is still possible for an attacker to "
+"reverse-engineer the password back. Using better authentication mechanisms "
+"such as client side certificates or GSSAPI is <emphasis>strongly</emphasis> "
+"advised."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:63
+msgid "<option>-s</option>,<option>--stdin</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:67
+msgid "The password to obfuscate will be read from standard input."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:74 sss_ssh_authorizedkeys.1.xml:79
+#: sss_ssh_knownhostsproxy.1.xml:78
+msgid ""
+"<option>-d</option>,<option>--domain</option> <replaceable>DOMAIN</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:79
+msgid ""
+"The SSSD domain to use the password in. The default name is <quote>default</"
+"quote>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_obfuscate.8.xml:86
+msgid ""
+"<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:91
+msgid "Read the config file specified by the positional parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_obfuscate.8.xml:95
+msgid "Default: <filename>/etc/sssd/sssd.conf</filename>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_useradd.8.xml:10 sss_useradd.8.xml:15
+msgid "sss_useradd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_useradd.8.xml:16
+msgid "create a new user"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_useradd.8.xml:21
+msgid ""
+"<command>sss_useradd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_useradd.8.xml:32
+msgid ""
+"<command>sss_useradd</command> creates a new user account using the values "
+"specified on the command line plus the default values from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:43 sss_seed.8.xml:76
+msgid ""
+"<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:48
+msgid ""
+"Set the UID of the user to the value of <replaceable>UID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100
+msgid ""
+"<option>-c</option>,<option>--gecos</option> <replaceable>COMMENT</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 sss_seed.8.xml:105
+msgid ""
+"Any text string describing the user. Often used as the field for the user's "
+"full name."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112
+msgid ""
+"<option>-h</option>,<option>--home</option> <replaceable>HOME_DIR</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:72
+msgid ""
+"The home directory of the user account. The default is to append the "
+"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use "
+"that as the home directory. The base that is prepended before "
+"<replaceable>LOGIN</replaceable> is tunable with <quote>user_defaults/"
+"baseDirectory</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124
+msgid ""
+"<option>-s</option>,<option>--shell</option> <replaceable>SHELL</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:87
+msgid ""
+"The user's login shell. The default is currently <filename>/bin/bash</"
+"filename>. The default can be changed with <quote>user_defaults/"
+"defaultShell</quote> setting in sssd.conf."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:96
+msgid ""
+"<option>-G</option>,<option>--groups</option> <replaceable>GROUPS</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:101
+msgid "A list of existing groups this user is also a member of."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:107
+msgid "<option>-m</option>,<option>--create-home</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:111
+msgid ""
+"Create the user's home directory if it does not exist. The files and "
+"directories contained in the skeleton directory (which can be defined with "
+"the -k option or in the config file) will be copied to the home directory."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:121
+msgid "<option>-M</option>,<option>--no-create-home</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:125
+msgid ""
+"Do not create the user's home directory. Overrides configuration settings."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:132
+msgid ""
+"<option>-k</option>,<option>--skel</option> <replaceable>SKELDIR</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:137
+msgid ""
+"The skeleton directory, which contains files and directories to be copied in "
+"the user's home directory, when the home directory is created by "
+"<command>sss_useradd</command>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:143
+msgid ""
+"This option is only valid if the <option>-m</option> (or <option>--create-"
+"home</option>) option is specified, or creation of home directories is set "
+"to TRUE in the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_useradd.8.xml:152 sss_usermod.8.xml:124
+msgid ""
+"<option>-Z</option>,<option>--selinux-user</option> "
+"<replaceable>SELINUX_USER</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_useradd.8.xml:157
+msgid ""
+"The SELinux user for the user's login. If not specified, the system default "
+"will be used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16
+msgid "sssd-krb5"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:23
+msgid ""
+"This manual page describes the configuration of the Kerberos 5 "
+"authentication backend for <citerefentry> <refentrytitle>sssd</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry>. For a detailed "
+"syntax reference, please refer to the <quote>FILE FORMAT</quote> section of "
+"the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:36
+msgid ""
+"The Kerberos 5 authentication backend contains auth and chpass providers. It "
+"must be paired with an identity provider in order to function properly (for "
+"example, id_provider = ldap). Some information required by the Kerberos 5 "
+"authentication backend must be provided by the identity provider, such as "
+"the user's Kerberos Principal Name (UPN). The configuration of the identity "
+"provider should have an entry to specify the UPN. Please refer to the man "
+"page for the applicable identity provider for details on how to configure "
+"this."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:47
+msgid ""
+"This backend also provides access control based on the .k5login file in the "
+"home directory of the user. See <citerefentry> <refentrytitle>.k5login</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry> for more details. "
+"Please note that an empty .k5login file will deny all access to this user. "
+"To activate this feature, use 'access_provider = krb5' in your SSSD "
+"configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:55
+msgid ""
+"In the case where the UPN is not available in the identity backend, "
+"<command>sssd</command> will construct a UPN using the format "
+"<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:77
+msgid ""
+"Specifies the comma-separated list of IP addresses or hostnames of the "
+"Kerberos servers to which SSSD should connect, in the order of preference. "
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. An optional port number (preceded by a "
+"colon) may be appended to the addresses or hostnames. If empty, service "
+"discovery is enabled; for more information, refer to the <quote>SERVICE "
+"DISCOVERY</quote> section."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:106
+msgid ""
+"The name of the Kerberos realm. This option is required and must be "
+"specified."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:113
+msgid "krb5_kpasswd, krb5_backup_kpasswd (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:116
+msgid ""
+"If the change password service is not running on the KDC, alternative "
+"servers can be defined here. An optional port number (preceded by a colon) "
+"may be appended to the addresses or hostnames."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:122
+msgid ""
+"For more information on failover and server redundancy, see the "
+"<quote>FAILOVER</quote> section. NOTE: Even if there are no more kpasswd "
+"servers to try, the backend is not switched to operate offline if "
+"authentication against the KDC is still possible."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:129
+msgid "Default: Use the KDC"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:135
+msgid "krb5_ccachedir (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:138
+msgid ""
+"Directory to store credential caches. All the substitution sequences of "
+"krb5_ccname_template can be used here, too, except %d and %P. If the "
+"directory does not exist, it will be created. If %u, %U, %p or %h are used, "
+"a private directory belonging to the user is created. Otherwise, a public "
+"directory with restricted deletion flag (aka sticky bit, as described in "
+"<citerefentry> <refentrytitle>chmod</refentrytitle> <manvolnum>1</manvolnum> "
+"</citerefentry> for details) is created."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:152
+msgid "Default: /tmp"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:158
+msgid "krb5_ccname_template (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:174
+msgid "login UID"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:177
+msgid "%p"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:178
+msgid "principal name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:182
+msgid "%r"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:183
+msgid "realm name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:186
+msgid "%h"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:187
+msgid "home directory"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:192
+msgid "value of krb5ccache_dir"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:197
+msgid "%P"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:198
+msgid "the process ID of the SSSD client"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:161
+msgid ""
+"Location of the user's credential cache. Two credential cache types are "
+"currently supported: <quote>FILE</quote> and <quote>DIR</quote>. The cache "
+"can be specified either as <replaceable>TYPE:RESIDUAL</replaceable>, or as "
+"an absolute path, which implies the <quote>FILE</quote> type. In the "
+"template, the following sequences are substituted: <placeholder type="
+"\"variablelist\" id=\"0\"/> If the template ends with 'XXXXXX' mkstemp(3) is "
+"used to create a unique filename in a safe way."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:212
+msgid "Default: FILE:%d/krb5cc_%U_XXXXXX"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:218
+msgid "krb5_auth_timeout (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:221
+msgid ""
+"Timeout in seconds after an online authentication request or change password "
+"request is aborted. If possible, the authentication request is continued "
+"offline."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:235
+msgid ""
+"Verify with the help of krb5_keytab that the TGT obtained has not been "
+"spoofed. The keytab is checked for entries sequentially, and the first entry "
+"with a matching realm is used for validation. If no entry matches the realm, "
+"the last entry in the keytab is used. This process can be used to validate "
+"environments using cross-realm trust by placing the appropriate keytab entry "
+"as the last entry or the only entry in the keytab file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:250
+msgid "krb5_keytab (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:253
+msgid ""
+"The location of the keytab to use when validating credentials obtained from "
+"KDCs."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:257
+msgid "Default: /etc/krb5.keytab"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:263
+msgid "krb5_store_password_if_offline (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:266
+msgid ""
+"Store the password of the user if the provider is offline and use it to "
+"request a TGT when the provider comes online again."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:271
+msgid ""
+"NOTE: this feature is only available on Linux. Passwords stored in this way "
+"are kept in plaintext in the kernel keyring and are potentially accessible "
+"by the root user (with difficulty)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:284
+msgid "krb5_renewable_lifetime (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:287
+msgid ""
+"Request a renewable ticket with a total lifetime, given as an integer "
+"immediately followed by a time unit:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:326
+msgid "<emphasis>s</emphasis> for seconds"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:295 sssd-krb5.5.xml:329
+msgid "<emphasis>m</emphasis> for minutes"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:298 sssd-krb5.5.xml:332
+msgid "<emphasis>h</emphasis> for hours"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:301 sssd-krb5.5.xml:335
+msgid "<emphasis>d</emphasis> for days."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:304
+msgid "If there is no unit given, <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:308
+msgid ""
+"NOTE: It is not possible to mix units. To set the renewable lifetime to one "
+"and a half hours, use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:313
+msgid "Default: not set, i.e. the TGT is not renewable"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:319
+msgid "krb5_lifetime (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:322
+msgid ""
+"Request ticket with a with a lifetime, given as an integer immediately "
+"followed by a time unit:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:338
+msgid "If there is no unit given <emphasis>s</emphasis> is assumed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:342
+msgid ""
+"NOTE: It is not possible to mix units. To set the lifetime to one and a "
+"half hours please use '90m' instead of '1h30m'."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:347
+msgid ""
+"Default: not set, i.e. the default ticket lifetime configured on the KDC."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:354
+msgid "krb5_renew_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:357
+msgid ""
+"The time in seconds between two checks if the TGT should be renewed. TGTs "
+"are renewed if about half of their lifetime is exceeded."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:362
+msgid "If this option is not set or is 0 the automatic renewal is disabled."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:372
+msgid "krb5_use_fast (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:375
+msgid ""
+"Enables flexible authentication secure tunneling (FAST) for Kerberos pre-"
+"authentication. The following options are supported:"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:380
+msgid ""
+"<emphasis>never</emphasis> use FAST. This is equivalent to not setting this "
+"option at all."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:384
+msgid ""
+"<emphasis>try</emphasis> to use FAST. If the server does not support FAST, "
+"continue the authentication without it."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:389
+msgid ""
+"<emphasis>demand</emphasis> to use FAST. The authentication fails if the "
+"server does not require fast."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:394
+msgid "Default: not set, i.e. FAST is not used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:397
+msgid "NOTE: a keytab is required to use FAST."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:400
+msgid ""
+"NOTE: SSSD supports FAST only with MIT Kerberos version 1.8 and later. If "
+"SSSD is used with an older version of MIT Kerberos, using this option is a "
+"configuration error."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-krb5.5.xml:409
+msgid "krb5_fast_principal (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:412
+msgid "Specifies the server principal to use for FAST."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-krb5.5.xml:421
+msgid ""
+"Specifies if the host and user principal should be canonicalized. This "
+"feature is available with MIT Kerberos 1.7 and later versions."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:65
+msgid ""
+"If the auth-module krb5 is used in an SSSD domain, the following options "
+"must be used. See the <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page, section "
+"<quote>DOMAIN SECTIONS</quote>, for details on the configuration of an SSSD "
+"domain. <placeholder type=\"variablelist\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sssd-krb5.5.xml:443
+msgid ""
+"The following example assumes that SSSD is correctly configured and FOO is "
+"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
+"example shows only configuration of Kerberos authentication; it does not "
+"include any identity provider."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sssd-krb5.5.xml:451
+#, no-wrap
+msgid ""
+" [domain/FOO]\n"
+" auth_provider = krb5\n"
+" krb5_server = 192.168.1.1\n"
+" krb5_realm = EXAMPLE.COM\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15
+msgid "sss_groupadd"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupadd.8.xml:16
+msgid "create a new group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupadd.8.xml:21
+msgid ""
+"<command>sss_groupadd</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupadd.8.xml:32
+msgid ""
+"<command>sss_groupadd</command> creates a new group. These groups are "
+"compatible with POSIX groups, with the additional feature that they can "
+"contain other groups as members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupadd.8.xml:43 sss_seed.8.xml:88
+msgid ""
+"<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupadd.8.xml:48
+msgid ""
+"Set the GID of the group to the value of <replaceable>GID</replaceable>. If "
+"not given, it is chosen automatically."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_userdel.8.xml:10 sss_userdel.8.xml:15
+msgid "sss_userdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_userdel.8.xml:16
+msgid "delete a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_userdel.8.xml:21
+msgid ""
+"<command>sss_userdel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_userdel.8.xml:32
+msgid ""
+"<command>sss_userdel</command> deletes a user identified by login name "
+"<replaceable>LOGIN</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:44
+msgid "<option>-r</option>,<option>--remove</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:48
+msgid ""
+"Files in the user's home directory will be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:56
+msgid "<option>-R</option>,<option>--no-remove</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:60
+msgid ""
+"Files in the user's home directory will NOT be removed along with the home "
+"directory itself and the user's mail spool. Overrides the configuration."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:68
+msgid "<option>-f</option>,<option>--force</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:72
+msgid ""
+"This option forces <command>sss_userdel</command> to remove the user's home "
+"directory and mail spool, even if they are not owned by the specified user."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_userdel.8.xml:80
+msgid "<option>-k</option>,<option>--kick</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_userdel.8.xml:84
+msgid "Before actually deleting the user, terminate all his processes."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15
+msgid "sss_groupdel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupdel.8.xml:16
+msgid "delete a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupdel.8.xml:21
+msgid ""
+"<command>sss_groupdel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupdel.8.xml:32
+msgid ""
+"<command>sss_groupdel</command> deletes a group identified by its name "
+"<replaceable>GROUP</replaceable> from the system."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15
+msgid "sss_groupshow"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_groupshow.8.xml:16
+msgid "print properties of a group"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_groupshow.8.xml:21
+msgid ""
+"<command>sss_groupshow</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>GROUP</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_groupshow.8.xml:32
+msgid ""
+"<command>sss_groupshow</command> displays information about a group "
+"identified by its name <replaceable>GROUP</replaceable>. The information "
+"includes the group ID number, members of the group and the parent group."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_groupshow.8.xml:43
+msgid "<option>-R</option>,<option>--recursive</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_groupshow.8.xml:47
+msgid ""
+"Also print indirect group members in a tree-like hierarchy. Note that this "
+"also affects printing parent groups - without <option>R</option>, only the "
+"direct parent will be printed."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_usermod.8.xml:10 sss_usermod.8.xml:15
+msgid "sss_usermod"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_usermod.8.xml:16
+msgid "modify a user account"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_usermod.8.xml:21
+msgid ""
+"<command>sss_usermod</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>LOGIN</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_usermod.8.xml:32
+msgid ""
+"<command>sss_usermod</command> modifies the account specified by "
+"<replaceable>LOGIN</replaceable> to reflect the changes that are specified "
+"on the command line."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:60
+msgid "The home directory of the user account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:71
+msgid "The user's login shell."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:82
+msgid ""
+"Append this user to groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter. The <replaceable>GROUPS</replaceable> parameter is "
+"a comma separated list of group names."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:96
+msgid ""
+"Remove this user from groups specified by the <replaceable>GROUPS</"
+"replaceable> parameter."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:103
+msgid "<option>-l</option>,<option>--lock</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:107
+msgid "Lock the user account. The user won't be able to log in."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_usermod.8.xml:114
+msgid "<option>-u</option>,<option>--unlock</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:118
+msgid "Unlock the user account."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_usermod.8.xml:129
+msgid "The SELinux user for the user's login."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_cache.8.xml:10 sss_cache.8.xml:15
+msgid "sss_cache"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_cache.8.xml:16
+msgid "perform cache cleanup"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_cache.8.xml:21
+msgid ""
+"<command>sss_cache</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_cache.8.xml:31
+msgid ""
+"<command>sss_cache</command> invalidates records in SSSD cache. Invalidated "
+"records are forced to be reloaded from server as soon as related SSSD "
+"backend is online."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:42
+msgid ""
+"<option>-u</option>,<option>--user</option> <replaceable>login</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:47
+msgid "Invalidate specific user."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:53
+msgid "<option>-U</option>,<option>--users</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:57
+msgid ""
+"Invalidate all user records. This option overrides invalidation of specific "
+"user if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:64
+msgid ""
+"<option>-g</option>,<option>--group</option> <replaceable>group</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:69
+msgid "Invalidate specific group."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:75
+msgid "<option>-G</option>,<option>--groups</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:79
+msgid ""
+"Invalidate all group records. This option overrides invalidation of specific "
+"group if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:86
+msgid ""
+"<option>-n</option>,<option>--netgroup</option> <replaceable>netgroup</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:91
+msgid "Invalidate specific netgroup."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:97
+msgid "<option>-N</option>,<option>--netgroups</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:101
+msgid ""
+"Invalidate all netgroup records. This option overrides invalidation of "
+"specific netgroup if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:108
+msgid ""
+"<option>-s</option>,<option>--service</option> <replaceable>service</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:113
+msgid "Invalidate specific service."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:119
+msgid "<option>-S</option>,<option>--services</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:123
+msgid ""
+"Invalidate all service records. This option overrides invalidation of "
+"specific service if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:130
+msgid ""
+"<option>-a</option>,<option>--autofs-map</option> <replaceable>autofs-map</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:135
+msgid "Invalidate specific autofs maps."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:141
+msgid "<option>-A</option>,<option>--autofs-maps</option>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:145
+msgid ""
+"Invalidate all autofs maps. This option overrides invalidation of specific "
+"map if it was also set."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_cache.8.xml:152
+msgid ""
+"<option>-d</option>,<option>--domain</option> <replaceable>domain</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_cache.8.xml:157
+msgid "Restrict invalidation process only to a particular domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_debuglevel.8.xml:10 sss_debuglevel.8.xml:15
+msgid "sss_debuglevel"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_debuglevel.8.xml:16
+msgid "change debug level while SSSD is running"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_debuglevel.8.xml:21
+msgid ""
+"<command>sss_debuglevel</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'><replaceable>NEW_DEBUG_LEVEL</"
+"replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_debuglevel.8.xml:32
+msgid ""
+"<command>sss_debuglevel</command> changes debug level of SSSD monitor and "
+"providers to <replaceable>NEW_DEBUG_LEVEL</replaceable> while SSSD is "
+"running."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_debuglevel.8.xml:59
+msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_seed.8.xml:10 sss_seed.8.xml:15
+msgid "sss_seed"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_seed.8.xml:16
+msgid "seed the SSSD cache with a user"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_seed.8.xml:21
+msgid ""
+"<command>sss_seed</command> <arg choice='opt'> <replaceable>options</"
+"replaceable> </arg> <arg choice='plain'>-D <replaceable>DOMAIN</"
+"replaceable></arg> <arg choice='plain'>-n <replaceable>USER</replaceable></"
+"arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_seed.8.xml:33
+msgid ""
+"<command>sss_seed</command> seeds the SSSD cache with a user entry and "
+"temporary password. If a user entry is already present in the SSSD cache "
+"then the entry is updated with the temporary password."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:46
+msgid ""
+"<option>-D</option>,<option>--domain</option> <replaceable>DOMAIN</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:51
+msgid ""
+"Provide the name of the domain in which the user is a member of. The domain "
+"is also used to retrieve user information. The domain must be configured in "
+"sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. "
+"Information retrieved from the domain overrides what is provided in the "
+"options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:63
+msgid ""
+"<option>-n</option>,<option>--username</option> <replaceable>USER</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:68
+msgid ""
+"The username of the entry to be created or modified in the cache. The "
+"<replaceable>USER</replaceable> option must be provided."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:81
+msgid "Set the UID of the user to <replaceable>UID</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:93
+msgid "Set the GID of the user to <replaceable>GID</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:117
+msgid ""
+"Set the home directory of the user to <replaceable>HOME_DIR</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:129
+msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:140
+msgid ""
+"Interactive mode for entering user information. This option will only prompt "
+"for information not provided in the options or retrieved from the domain."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_seed.8.xml:148
+msgid ""
+"<option>-p</option>,<option>--password-file</option> <replaceable>PASS_FILE</"
+"replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_seed.8.xml:153
+msgid ""
+"Specify file to read user's password from. (if not specified password is "
+"prompted for)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_seed.8.xml:165
+msgid ""
+"The length of the password (or the size of file specified with -p or --"
+"password-file option) must be less than or equal to PASS_MAX bytes (64 bytes "
+"on systems with no globally-defined PASS_MAX value)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15
+msgid "sss_ssh_authorizedkeys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refmeta><manvolnum>
+#: sss_ssh_authorizedkeys.1.xml:11 sss_ssh_knownhostsproxy.1.xml:11
+msgid "1"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_ssh_authorizedkeys.1.xml:16
+msgid "get OpenSSH authorized keys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_ssh_authorizedkeys.1.xml:21
+msgid ""
+"<command>sss_ssh_authorizedkeys</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>USER</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:32
+msgid ""
+"<command>sss_ssh_authorizedkeys</command> acquires SSH public keys for user "
+"<replaceable>USER</replaceable> and outputs them in OpenSSH authorized_keys "
+"format (see the <quote>AUTHORIZED_KEYS FILE FORMAT</quote> section of "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> for more information)."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:41
+msgid ""
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use <command>sss_ssh_authorizedkeys</"
+"command> for public key user authentication if it is compiled with support "
+"for either <quote>AuthorizedKeysCommand</quote> or <quote>PubkeyAgent</"
+"quote> <citerefentry> <refentrytitle>sshd_config</refentrytitle> "
+"<manvolnum>5</manvolnum></citerefentry> options."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_authorizedkeys.1.xml:58
+#, no-wrap
+msgid "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:51
+msgid ""
+"If <quote>AuthorizedKeysCommand</quote> is supported, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use it by putting the following directive "
+"in <citerefentry> <refentrytitle>sshd_config</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry>: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_authorizedkeys.1.xml:69
+#, no-wrap
+msgid "PubKeyAgent /usr/bin/sss_ssh_authorizedkeys %u\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_authorizedkeys.1.xml:62
+msgid ""
+"If <quote>PubkeyAgent</quote> is supported, "
+"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
+"citerefentry> can be configured to use it by using the following directive "
+"for <citerefentry> <refentrytitle>sshd</refentrytitle> <manvolnum>8</"
+"manvolnum></citerefentry> configuration: <placeholder type=\"programlisting"
+"\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_authorizedkeys.1.xml:84
+msgid ""
+"Search for user public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refname>
+#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
+msgid "sss_ssh_knownhostsproxy"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refnamediv><refpurpose>
+#: sss_ssh_knownhostsproxy.1.xml:16
+msgid "get OpenSSH host keys"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis>
+#: sss_ssh_knownhostsproxy.1.xml:21
+msgid ""
+"<command>sss_ssh_knownhostsproxy</command> <arg choice='opt'> "
+"<replaceable>options</replaceable> </arg> <arg "
+"choice='plain'><replaceable>HOST</replaceable></arg> <arg "
+"choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:33
+msgid ""
+"<command>sss_ssh_knownhostsproxy</command> acquires SSH host public keys for "
+"host <replaceable>HOST</replaceable>, stores them in a custom OpenSSH "
+"known_hosts file (see the <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section "
+"of <citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</"
+"manvolnum></citerefentry> for more information) <filename>/var/lib/sss/"
+"pubconf/known_hosts</filename> and estabilishes connection to the host."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:43
+msgid ""
+"If <replaceable>PROXY_COMMAND</replaceable> is specified, it is used to "
+"create the connection to the host instead of opening a socket."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><programlisting>
+#: sss_ssh_knownhostsproxy.1.xml:55
+#, no-wrap
+msgid ""
+"ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h\n"
+"GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts\n"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para>
+#: sss_ssh_knownhostsproxy.1.xml:48
+msgid ""
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry> can be configured to use <command>sss_ssh_knownhostsproxy</"
+"command> for host key authentication by using the following directives for "
+"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
+"citerefentry> configuration: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
+#: sss_ssh_knownhostsproxy.1.xml:66
+msgid ""
+"<option>-p</option>,<option>--port</option> <replaceable>PORT</replaceable>"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_knownhostsproxy.1.xml:71
+msgid ""
+"Use port <replaceable>PORT</replaceable> to connect to the host. By "
+"default, port 22 is used."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
+#: sss_ssh_knownhostsproxy.1.xml:83
+msgid ""
+"Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/service_discovery.xml:2
+msgid "SERVICE DISCOVERY"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/service_discovery.xml:4
+msgid ""
+"The service discovery feature allows back ends to automatically find the "
+"appropriate servers to connect to using a special DNS query. This feature is "
+"not supported for backup servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:9 include/ldap_id_mapping.xml:57
+msgid "Configuration"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:11
+msgid ""
+"If no servers are specified, the back end automatically uses service "
+"discovery to try to find a server. Optionally, the user may choose to use "
+"both fixed server addresses and service discovery by inserting a special "
+"keyword, <quote>_srv_</quote>, in the list of servers. The order of "
+"preference is maintained. This feature is useful if, for example, the user "
+"prefers to use service discovery whenever possible, and fall back to a "
+"specific server when no servers can be discovered using DNS."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:23
+msgid "The domain name"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:25
+msgid ""
+"Please refer to the <quote>dns_discovery_domain</quote> parameter in the "
+"<citerefentry> <refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> manual page for more details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:35
+msgid "The protocol"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:37
+msgid ""
+"The queries usually specify _tcp as the protocol. Exceptions are documented "
+"in respective option description."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/service_discovery.xml:42
+msgid "See Also"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/service_discovery.xml:44
+msgid ""
+"For more information on the service discovery mechanism, refer to RFC 2782."
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/upstream.xml:1
+msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/failover.xml:2
+msgid "FAILOVER"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/failover.xml:4
+msgid ""
+"The failover feature allows back ends to automatically switch to a different "
+"server if the current server fails."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:8
+msgid "Failover Syntax"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:10
+msgid ""
+"The list of servers is given as a comma-separated list; any number of spaces "
+"is allowed around the comma. The servers are listed in order of preference. "
+"The list can contain any number of servers."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:16
+msgid ""
+"For each failover-enabled config option, two variants exist: "
+"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is "
+"that servers in the primary list are preferred and backup servers are only "
+"searched if no primary servers can be reached. If a backup server is "
+"selected, a timeout of 31 seconds is set. After this timeout SSSD will "
+"periodically try to reconnect to one of the primary servers. If it succeeds, "
+"it will replace the current active (backup) server."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/failover.xml:27
+msgid "The Failover Mechanism"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:29
+msgid ""
+"The failover mechanism distinguishes between a machine and a service. The "
+"back end first tries to resolve the hostname of a given machine; if this "
+"resolution attempt fails, the machine is considered offline. No further "
+"attempts are made to connect to this machine for any other service. If the "
+"resolution attempt succeeds, the back end tries to connect to a service on "
+"this machine. If the service connection attempt fails, then only this "
+"particular service is considered offline and the back end automatically "
+"switches over to the next service. The machine is still considered online "
+"and might still be tried for another service."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:42
+msgid ""
+"Further connection attempts are made to machines or services marked as "
+"offline after a specified period of time; this is currently hard coded to 30 "
+"seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/failover.xml:47
+msgid ""
+"If there are no more machines to try, the back end as a whole switches to "
+"offline mode, and then attempts to reconnect every 30 seconds."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/ldap_id_mapping.xml:2
+msgid "ID MAPPING"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:4
+msgid ""
+"The ID-mapping feature allows SSSD to act as a client of Active Directory "
+"without requiring administrators to extend user attributes to support POSIX "
+"attributes for user and group identifiers."
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/ldap_id_mapping.xml:9
+msgid ""
+"NOTE: When ID-mapping is enabled, the uidNumber and gidNumber attributes are "
+"ignored. This is to avoid the possibility of conflicts between automatically-"
+"assigned and manually-assigned values. If you need to use manually-assigned "
+"values, ALL values must be manually-assigned."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><title>
+#: include/ldap_id_mapping.xml:17
+msgid "Mapping Algorithm"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:19
+msgid ""
+"Active Directory provides an objectSID for every user and group object in "
+"the directory. This objectSID can be broken up into components that "
+"represent the Active Directory domain identity and the relative identifier "
+"(RID) of the user or group object."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:25
+msgid ""
+"The SSSD ID-mapping algorithm takes a range of available UIDs and divides it "
+"into equally-sized component sections - called \"slices\"-. Each slice "
+"represents the space available to an Active Directory domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:31
+msgid ""
+"When a user or group entry for a particular domain is encountered for the "
+"first time, the SSSD allocates one of the available slices for that domain. "
+"In order to make this slice-assignment repeatable on different client "
+"machines, we select the slice based on the following algorithm:"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:38
+msgid ""
+"The SID string is passed through the murmurhash3 algorithm to convert it to "
+"a 32-bit hashed value. We then take the modulus of this value with the total "
+"number of available slices to pick the slice."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:44
+msgid ""
+"NOTE: It is possible to encounter collisions in the hash and subsequent "
+"modulus. In these situations, we will select the next available slice, but "
+"it may not be possible to reproduce the same exact set of slices on other "
+"machines (since the order that they are encountered will determine their "
+"slice). In this situation, it is recommended to either switch to using "
+"explicit POSIX attributes in Active Directory (disabling ID-mapping) or "
+"configure a default domain to guarantee that at least one is always "
+"consistent. See <quote>Configuration</quote> for details."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:59
+msgid ""
+"Minimum configuration (in the <quote>[domain/DOMAINNAME]</quote> section):"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para><programlisting>
+#: include/ldap_id_mapping.xml:64
+#, no-wrap
+msgid ""
+"ldap_id_mapping = True\n"
+"ldap_schema = ad\n"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><para>
+#: include/ldap_id_mapping.xml:69
+msgid ""
+"The default configuration results in configuring 10,000 slices, each capable "
+"of holding up to 200,000 IDs, starting from 10,001 and going up to "
+"2,000,100,000. This should be sufficient for most deployments."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><title>
+#: include/ldap_id_mapping.xml:75
+msgid "Advanced Configuration"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:78
+msgid "ldap_idmap_range_min (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:81
+msgid ""
+"Specifies the lower bound of the range of POSIX IDs to use for mapping "
+"Active Directory user and group SIDs."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:85
+msgid ""
+"NOTE: This option is different from <quote>min_id</quote> in that "
+"<quote>min_id</quote> acts to filter the output of requests to this domain, "
+"whereas this option controls the range of ID assignment. This is a subtle "
+"distinction, but the good general advice would be to have <quote>min_id</"
+"quote> be less-than or equal to <quote>ldap_idmap_range_min</quote>"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:95 include/ldap_id_mapping.xml:131
+msgid "Default: 200000"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:100
+msgid "ldap_idmap_range_max (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:103
+msgid ""
+"Specifies the upper bound of the range of POSIX IDs to use for mapping "
+"Active Directory user and group SIDs."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:107
+msgid ""
+"NOTE: This option is different from <quote>max_id</quote> in that "
+"<quote>max_id</quote> acts to filter the output of requests to this domain, "
+"whereas this option controls the range of ID assignment. This is a subtle "
+"distinction, but the good general advice would be to have <quote>max_id</"
+"quote> be greater-than or equal to <quote>ldap_idmap_range_max</quote>"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:117
+msgid "Default: 2000200000"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:122
+msgid "ldap_idmap_range_size (integer)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:125
+msgid ""
+"Specifies the number of IDs available for each slice. If the range size "
+"does not divide evenly into the min and max values, it will create as many "
+"complete slices as it can."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:136
+msgid "ldap_idmap_default_domain_sid (string)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:139
+msgid ""
+"Specify the domain SID of the default domain. This will guarantee that this "
+"domain will always be assigned to slice zero in the ID map, bypassing the "
+"murmurhash algorithm described above."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:150
+msgid "ldap_idmap_default_domain (string)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:153
+msgid "Specify the name of the default domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><term>
+#: include/ldap_id_mapping.xml:161
+msgid "ldap_idmap_autorid_compat (boolean)"
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:164
+msgid ""
+"Changes the behavior of the ID-mapping algorithm to behave more similarly to "
+"winbind's <quote>idmap_autorid</quote> algorithm."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:169
+msgid ""
+"When this option is configured, domains will be allocated starting with "
+"slice zero and increasing monatomically with each additional domain."
+msgstr ""
+
+#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
+#: include/ldap_id_mapping.xml:174
+msgid ""
+"NOTE: This algorithm is non-deterministic (it depends on the order that "
+"users and groups are requested). If this mode is required for compatibility "
+"with machines running winbind, it is recommended to also use the "
+"<quote>ldap_idmap_default_domain_sid</quote> option to guarantee that at "
+"least one domain is consistently allocated to slice zero."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help.xml:3
+msgid "<option>-?</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <varlistentry><listitem><para>
+#: include/param_help.xml:7 include/param_help_py.xml:7
+msgid "Display help message and exit."
+msgstr ""
+
+#. type: Content of: <varlistentry><term>
+#: include/param_help_py.xml:3
+msgid "<option>-h</option>,<option>--help</option>"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:3
+msgid ""
+"Bit mask that indicates which debug levels will be visible. 0x0010 is the "
+"default value as well as the lowest allowed value, 0xFFF0 is the most "
+"verbose mode. This setting overrides the settings from config file."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:8
+msgid "Currently supported debug levels:"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:11
+msgid ""
+"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent "
+"SSSD from starting up or causes it to cease running."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:15
+msgid ""
+"<emphasis>0x0020</emphasis>: Critical failures. An error that doesn't kill "
+"the SSSD, but one that indicates that at least one major feature is not "
+"going to work properly."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:20
+msgid ""
+"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a "
+"particular request or operation has failed."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:24
+msgid ""
+"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would "
+"percolate down to cause the operation failure of 2."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:28
+msgid "<emphasis>0x0100</emphasis>: Configuration settings."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:31
+msgid "<emphasis>0x0200</emphasis>: Function data."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:34
+msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:37
+msgid ""
+"<emphasis>0x1000</emphasis>: Trace messages for internal control functions."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:40
+msgid ""
+"<emphasis>0x2000</emphasis>: Contents of function-internal variables that "
+"may be interesting."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:43
+msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:46
+msgid ""
+"To log required debug levels, simply add their numbers together as shown in "
+"following examples:"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:49
+msgid ""
+"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
+"serious failures and function data use 0x0270."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:53
+msgid ""
+"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
+"function data, trace messages for internal control functions use 0x1310."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/debug_levels.xml:57
+msgid ""
+"<emphasis>Note</emphasis>: This is new format of debug levels introduced in "
+"1.7.0. Older format (numbers from 0-10) is compatible but deprecated."
+msgstr ""
+
+#. type: Content of: outside any tag (error?)
+#: include/experimental.xml:1
+msgid ""
+"<emphasis> This is an experimental feature, please use http://fedorahosted."
+"org/sssd to report any issues. </emphasis>"
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/local.xml:2
+msgid "THE LOCAL DOMAIN"
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/local.xml:4
+msgid ""
+"In order to function correctly, a domain with <quote>id_provider=local</"
+"quote> must be created and the SSSD must be running."
+msgstr ""
+
+#. type: Content of: <refsect1><para>
+#: include/local.xml:9
+msgid ""
+"The administrator might want to use the SSSD local users instead of "
+"traditional UNIX users in cases where the group nesting (see <citerefentry> "
+"<refentrytitle>sss_groupadd</refentrytitle> <manvolnum>8</manvolnum> </"
+"citerefentry>) is needed. The local users are also useful for testing and "
+"development of the SSSD without having to deploy a full remote server. The "
+"<command>sss_user*</command> and <command>sss_group*</command> tools use a "
+"local LDB storage to store users and groups."
+msgstr ""
+
+#. type: Content of: <refsect1><title>
+#: include/seealso.xml:2
+msgid "SEE ALSO"
+msgstr "另见"
+
+#. type: Content of: <refsect1><para>
+#: include/seealso.xml:4
+msgid ""
+"<citerefentry> <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd.conf</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-krb5</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-simple</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sssd-ipa</"
+"refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> </"
+"citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> "
+"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry>, </phrase> <citerefentry> <refentrytitle>sss_cache</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupadd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_groupshow</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_useradd</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_usermod</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> </"
+"citerefentry>, <citerefentry> <refentrytitle>sss_seed</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</"
+"manvolnum> </citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> "
+"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, <citerefentry> "
+"<refentrytitle>sss_ssh_knownhostsproxy</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry>, </phrase> <citerefentry> <refentrytitle>pam_sss</"
+"refentrytitle><manvolnum>8</manvolnum> </citerefentry>."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:3
+#: include/ldap_search_bases_experimental.xml:3
+msgid ""
+"An optional base DN, search scope and LDAP filter to restrict LDAP searches "
+"for this attribute type."
+msgstr ""
+
+#. type: Content of: <listitem><para><programlisting>
+#: include/ldap_search_bases.xml:9
+#: include/ldap_search_bases_experimental.xml:9
+#, no-wrap
+msgid "search_base[?scope?[filter][?search_base?scope?[filter]]*]\n"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:7
+#: include/ldap_search_bases_experimental.xml:7
+msgid "syntax: <placeholder type=\"programlisting\" id=\"0\"/>"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:13
+#: include/ldap_search_bases_experimental.xml:13
+msgid ""
+"The scope can be one of \"base\", \"onelevel\" or \"subtree\". The filter "
+"must be a valid LDAP search filter as specified by http://www.ietf.org/rfc/"
+"rfc2254.txt"
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:19
+#: include/ldap_search_bases_experimental.xml:19
+msgid ""
+"For examples of this syntax, please refer to the <quote>ldap_search_base</"
+"quote> examples section."
+msgstr ""
+
+#. type: Content of: <listitem><para>
+#: include/ldap_search_bases.xml:27
+#: include/ldap_search_bases_experimental.xml:27
+msgid ""
+"Please note that specifying scope or filter is not supported for searches "
+"against an Active Directory Server that might yield a large number of "
+"results and trigger the Range Retrieval extension in the response."
+msgstr ""
+
+#. type: Content of: <para>
+#: include/autofs_restart.xml:2
+msgid ""
+"Please note that the automounter only reads the master map on startup, so if "
+"any autofs-related changes are made to the sssd.conf, you typically also "
+"need to restart the automounter daemon after restarting the SSSD."
+msgstr ""