summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2013-06-11 17:09:36 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-06-11 17:09:36 +0200
commitb20208b80e99abb79c00d5ec526caa9465859c52 (patch)
tree112cc311991e9fa86d87df830222efccca96946d
parenta1b7c5c7da843a5cb04bffcf11474ce44f442af8 (diff)
downloadsssd-1_9_93.tar.gz
sssd-1_9_93.tar.xz
sssd-1_9_93.zip
Updating translations for the 1.10 beta2 releasesssd-1_9_94sssd-1_9_93sssd-1_10_beta2
Diffstat
-rw-r--r--po/bg.po510
-rw-r--r--po/ca.po483
-rw-r--r--po/de.po501
-rw-r--r--po/es.po508
-rw-r--r--po/eu.po501
-rw-r--r--po/fr.po535
-rw-r--r--po/hu.po503
-rw-r--r--po/id.po501
-rw-r--r--po/it.po504
-rw-r--r--po/ja.po534
-rw-r--r--po/nb.po501
-rw-r--r--po/nl.po540
-rw-r--r--po/pl.po534
-rw-r--r--po/pt.po501
-rw-r--r--po/ru.po510
-rw-r--r--po/sssd.pot499
-rw-r--r--po/sv.po525
-rw-r--r--po/tg.po501
-rw-r--r--po/tr.po501
-rw-r--r--po/uk.po536
-rw-r--r--po/zh_CN.po501
-rw-r--r--po/zh_TW.po501
-rw-r--r--src/man/po/br.po1725
-rw-r--r--src/man/po/ca.po1823
-rw-r--r--src/man/po/cs.po1711
-rw-r--r--src/man/po/es.po1975
-rw-r--r--src/man/po/eu.po1711
-rw-r--r--src/man/po/fr.po2135
-rw-r--r--src/man/po/ja.po1898
-rw-r--r--src/man/po/lv.po1727
-rw-r--r--src/man/po/nl.po1741
-rw-r--r--src/man/po/pt.po1781
-rw-r--r--src/man/po/ru.po1723
-rw-r--r--src/man/po/sssd-docs.pot1676
-rw-r--r--src/man/po/tg.po1723
-rw-r--r--src/man/po/uk.po2056
-rw-r--r--src/man/po/zh_CN.po1717
37 files changed, 20275 insertions, 18077 deletions
diff --git a/po/bg.po b/po/bg.po
index d4bae0539..27a2fab81 100644
--- a/po/bg.po
+++ b/po/bg.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Bulgarian <trans-bg@lists.fedoraproject.org>\n"
"Language: bg\n"
@@ -298,800 +298,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
-msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA"
+msgid "How often should expired entries be refreshed in background"
+msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
-msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA"
+msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
-msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания"
+msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA домейн"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "Адрес на IPA сървър"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Име на хост на IPA клиент"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Адрес на Kerberos сървър"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Kerberos област"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Директория за съхранение на кеша за данни за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Местоположение на кеша за данни за удостоверяване на потребители"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Местоположение на keytab за валидиране на данните за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Разреши проверката на данните за удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr "Записва паролата ако е офлайн за по-късно удостоверяване"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr "Сървърът, на който работи услугата за смяна на парола ако не е на KDC"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI на LDAP сървъра"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "Базовият DN по подразбиране"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Използваният тип схема на LDAP сървъра, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "Подразбиращият се bind DN"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Продължителност на опитите за свързване"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Продължителност на опитите за синхронни LDAP операции"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "Продължителност на времето между опитите за връзка докато е офлайн"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Файл, съдържащ CA сертификати"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Път до директорията на CA сертификат"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Изисква TLS проверка на сертификат"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Задава за използване механизма sasl"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Задаване на sasl authorization id за употреба"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "keytab на Kerberos услуга"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Ползвай Kerberos auth за LDAP връзка"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Следвай LDAP референциите"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "Продължителност на живот на TGT за LDAP връзка"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Продължителност на време за изчакване на заявка за търсене"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Продължителност на време между актуализации на изброяване"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Изисква TLS за ИД справките"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "атрибут Потребителско име"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "атрибут Първичен GID"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "атрибут GECOS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "атрибут Домашна директория"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "атрибут Команден интерпретатор"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "атрибут UUID"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "атрибут User principal (за Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Пълно име"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "атрибут членНа"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "атрибут Момент на промяна"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Политика за определяне срок на валидност на парола"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "LDAP филтър за определяне права на достъп"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Списък разрешени потребители, разделени със запетая"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Списък забранени потребители, разделени със запетая"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Подразбиращ се команден интерпретатор, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Място за домашните директории"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Продължава като демон (по подразбиране)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Интерактивна работа (а не като демон)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Задаване на друг (не подразбиращия се) конфиг файл"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Ниво на debug"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr ""
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1099,7 +1108,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1193,8 +1202,8 @@ msgstr "Паролата Ви е остаряла. Сменете я сега."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Нивото на debug записи при работа"
@@ -1203,24 +1212,23 @@ msgstr "Нивото на debug записи при работа"
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Грешка при задаване локални настр.\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1287,21 +1295,21 @@ msgstr "Задайте потребител за добавяне\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Грешка при инициализирането на инструментите - няма локален домейн\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Грешка при инициализирането на инструментите\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "В FQDN е зададен невалиден домейн\n"
@@ -1322,7 +1330,7 @@ msgstr "Групите трябва да са в същия домейн кат
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Не мога да задам стойностите по подразбиране\n"
@@ -1401,7 +1409,7 @@ msgstr "Група %1$s е извън дефинирания ID обхват з
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1514,68 +1522,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr "Потребител %1$s е извън дефинирания ID обхват за домейн\n"
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1625,72 +1633,72 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1720,6 +1728,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/ca.po b/po/ca.po
index 58c66407b..dc4995cdc 100644
--- a/po/ca.po
+++ b/po/ca.po
@@ -10,8 +10,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: https://fedorahosted.org/sssd\n"
-"POT-Creation-Date: 2013-04-02 18:28+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-05-03 21:13+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Catalan <fedora@llistes.softcatala.org>\n"
"MIME-Version: 1.0\n"
@@ -295,776 +295,807 @@ msgstr "Substitueix el valor GID del proveïdor d'identitat amb aquest valor"
msgid "Treat usernames as case sensitive"
msgstr "Distingeix entre majúscules i minúscules als noms d'usuari"
+#: src/config/SSSDConfig/__init__.py.in:128
+msgid "Whether to automatically update the client's DNS entry"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:129
+#: src/config/SSSDConfig/__init__.py.in:142
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The interface whose IP should be used for dynamic DNS updates"
+msgstr "La interfície amb la IP que s'hauria d'utilitzar per les actualitzacions dinàmiques de DNS"
+
+#: src/config/SSSDConfig/__init__.py.in:131
+msgid "How often to periodically update the client's DNS entry"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:132
+msgid "Whether the provider should explicitly update the PTR record as well"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:133
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:134
+msgid "What kind of authentication should be used to perform the DNS update"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:137
msgid "IPA domain"
msgstr "Domini IPA"
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA server address"
msgstr "Adreça del servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "Address of backup IPA server"
msgstr "Adreça del servidor IPA de reserva "
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "IPA client hostname"
msgstr "Nom d'ordinador del client IPA"
-#: src/config/SSSDConfig/__init__.py.in:134
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Si actualitzar automàticament l'entrada DNS del client a FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:135
-msgid "The TTL to apply to the client's DNS entry after updating it"
-msgstr ""
-
-#: src/config/SSSDConfig/__init__.py.in:136
-msgid "The interface whose IP should be used for dynamic DNS updates"
-msgstr "La interfície amb la IP que s'hauria d'utilitzar per les actualitzacions dinàmiques de DNS"
-
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "Search base for HBAC related objects"
msgstr "Base de cerca pels objectes HBAC"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:145
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Quantitat de temps entre peticions de les regles HBAC contra el servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:147
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Si les regles DENY són presents, o DENY_ALL o IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "Si s'estableix a fals, l'argument d'ordinador facilitat per PAM serà ignorat"
-#: src/config/SSSDConfig/__init__.py.in:142
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "The automounter location this IPA client is using"
msgstr "La ubicació del muntador automàtic que aquest client IPA està utilitzant"
-#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "Search base for object containing info about IPA domain"
msgstr "Base de cerca per a l'objecte que conté informació sobre el domini de l'IPA"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for objects containing info about ID ranges"
msgstr "Base de cerca per a objectes que contenen informació sobre intervals d'ID"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:152
+#: src/config/SSSDConfig/__init__.py.in:159
+msgid "Enable DNS sites - location based service discovery"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:155
msgid "Active Directory domain"
msgstr "Domini d'Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory server address"
msgstr "Adreça de servidor d'Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory backup server address"
msgstr "Adreça del servidor d'Active Directory de reserva"
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory client hostname"
msgstr "Nom de màquina del client d'Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:153
-#: src/config/SSSDConfig/__init__.py.in:154
+#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:163
msgid "Kerberos server address"
msgstr "Adreça del servidor Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos backup server address"
msgstr "Adreça de servidor Kerberos de reserva"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos realm"
msgstr "Reialme Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Authentication timeout"
msgstr "Temps d'espera de la autenticació"
-#: src/config/SSSDConfig/__init__.py.in:160
+#: src/config/SSSDConfig/__init__.py.in:169
msgid "Directory to store credential caches"
msgstr "Directori on emmagatzemar el cau de credencials"
-#: src/config/SSSDConfig/__init__.py.in:161
+#: src/config/SSSDConfig/__init__.py.in:170
msgid "Location of the user's credential cache"
msgstr "Ubicació de la cau de credencials d'usuari"
-#: src/config/SSSDConfig/__init__.py.in:162
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Location of the keytab to validate credentials"
msgstr "Ubicació de la clau per validar les credencials"
-#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Enable credential validation"
msgstr "Activa la validació de credencials"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Store password if offline for later online authentication"
msgstr "Emmagatzema la contrasenya quan estigui fora de línia per autenticació en línia posterior"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Renewable lifetime of the TGT"
msgstr "Temps de vida renovable del TGT"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Lifetime of the TGT"
msgstr "Temps de vida del TGT"
-#: src/config/SSSDConfig/__init__.py.in:167
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Time between two checks for renewal"
msgstr "Temps entre les dues comprovacions per renovar"
-#: src/config/SSSDConfig/__init__.py.in:168
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Enables FAST"
msgstr "Activa FAST"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Selects the principal to use for FAST"
msgstr "Selecciona el principal per utilitzar amb FAST"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables principal canonicalization"
msgstr "Activa la canonització del principal"
-#: src/config/SSSDConfig/__init__.py.in:173
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:180
+msgid "Enables enterprise principals"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:184
msgid "Server where the change password service is running if not on the KDC"
msgstr "Servidor on es troba el servei de canvi de contrasenya si no és al KDC"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:187
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, La URI del servidor LDAP"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:188
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, la URI del servidor LDAP"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "The default base DN"
msgstr "La base DN per defecte"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "El tipus d'esquema en us al servidor LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:181
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default bind DN"
msgstr "La connexió DN per defecte"
-#: src/config/SSSDConfig/__init__.py.in:182
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The type of the authentication token of the default bind DN"
msgstr "El tipus del testimoni d'autenticació a la connexió DN per defecte"
-#: src/config/SSSDConfig/__init__.py.in:183
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The authentication token of the default bind DN"
msgstr "El testimoni d'autenticació de la connexió DN per defecte"
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "Length of time to attempt connection"
msgstr "Llargària del temps per intentar una connexió"
-#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Llargària del temps per intentar operacions LDAP asíncrones"
-#: src/config/SSSDConfig/__init__.py.in:186
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time between attempts to reconnect while offline"
msgstr "Llargària del temps entre intents per re-connectar quan estigui fora de línia"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Use only the upper case for realm names"
msgstr "Utilitza només majúscules pels noms de reialme"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "File that contains CA certificates"
msgstr "Fitxer que conté els certificats CA"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Path to CA certificate directory"
msgstr "Ruta al directori de certificats CA"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains the client certificate"
msgstr "Fitxer que conté el certificat de client"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "File that contains the client key"
msgstr "Fitxer que conté la clau de client"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "List of possible ciphers suites"
msgstr "Llista de paquets de xifrat possibles"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "Require TLS certificate verification"
msgstr "Requereix verificació de certificat TLS"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "Specify the sasl mechanism to use"
msgstr "Especifica el mecanisme sasl a utilitzar"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Specify the sasl authorization id to use"
msgstr "Escecifica l'id d'autorització sasl a utilitzar"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl authorization realm to use"
msgstr "Especifica el reialme d'autorització sasl a utilitzar"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Especifica el SSF mínim per autorització sasl de LDAP"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Kerberos service keytab"
msgstr "Clau de servei Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Use Kerberos auth for LDAP connection"
msgstr "Utilitza autenticació Kerberos per la connexió LDAP"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Follow LDAP referrals"
msgstr "Segueix les referències LDAP"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Lifetime of TGT for LDAP connection"
msgstr "Temps de vida del TGT per la connexió LDAP"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "How to dereference aliases"
msgstr "Com desreferenciar àlies"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Service name for DNS service lookups"
msgstr "Nom del servei per les peticions DNS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "The number of records to retrieve in a single LDAP query"
msgstr "El número de registres a recuperar en una sola petició LDAP"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "The number of members that must be missing to trigger a full deref"
msgstr "El número de membres que han de faltar per activar una de-referència completa"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:216
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the"
" host name during a SASL bind"
msgstr "Si la biblioteca LDAP hauria de realitzar una petició inversa per canonalitzar el nom d'ordinador durant la connexió SASL"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:218
msgid "entryUSN attribute"
msgstr "atribut entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:219
msgid "lastUSN attribute"
msgstr "atribut lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:221
msgid ""
"How long to retain a connection to the LDAP server before disconnecting"
msgstr "Quant temps s'ha de retenir una connexió al servidor LDAP abans de desconnectar"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "Disable the LDAP paging control"
msgstr "Desactiva el control de paginació LDAP"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:226
msgid "Length of time to wait for a search request"
msgstr "Llargària de temps a esperar per una petició de cerca"
-#: src/config/SSSDConfig/__init__.py.in:217
+#: src/config/SSSDConfig/__init__.py.in:227
msgid "Length of time to wait for a enumeration request"
msgstr "Llargària de temps a esperar per una petició d'enumeració"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:228
msgid "Length of time between enumeration updates"
msgstr "Llargària de temps entre actualitzacions d'enumeració"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time between cache cleanups"
msgstr "Llargària de temps entre neteges del cau"
-#: src/config/SSSDConfig/__init__.py.in:220
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Require TLS for ID lookups"
msgstr "Requereix TLS per cerques d'ID"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "Utilitza mapejat d'IDs enlloc de IDs pre-establerts"
-#: src/config/SSSDConfig/__init__.py.in:222
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Base DN for user lookups"
msgstr "DN base per cerques d'usuari"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Scope of user lookups"
msgstr "Abast de les cerques d'usuari"
-#: src/config/SSSDConfig/__init__.py.in:224
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Filter for user lookups"
msgstr "Filtre per les cerques d'usuari"
-#: src/config/SSSDConfig/__init__.py.in:225
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Objectclass for users"
msgstr "Objectclass dels usuaris"
-#: src/config/SSSDConfig/__init__.py.in:226
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Username attribute"
msgstr "Atribut del nom d'usuari"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "UID attribute"
msgstr "Atribut de l'UID"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Primary GID attribute"
msgstr "Atribut del GID primari"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:240
msgid "GECOS attribute"
msgstr "Atribut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "Home directory attribute"
msgstr "Atribut del directori d'usuari"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Shell attribute"
msgstr "Atribut d'intèrpret d'ordres"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "UUID attribute"
msgstr "Atribut de l'UUID"
-#: src/config/SSSDConfig/__init__.py.in:234
-#: src/config/SSSDConfig/__init__.py.in:270
+#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "objectSID attribute"
msgstr "Atribut de l'objectSID"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Atribut del grup primari de l'Active Directory per mapejat d'IDs"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "User principal attribute (for Kerberos)"
msgstr "Atribut d'usuari principal (per a Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:237
+#: src/config/SSSDConfig/__init__.py.in:247
msgid "Full Name"
msgstr "Nom complet"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "memberOf attribute"
msgstr "Atribut de memberOf"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "Modification time attribute"
msgstr "Atribut de data de modificació"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "shadowLastChange attribute"
msgstr "Atribut de shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "shadowMin attribute"
msgstr "Atribut de shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:253
msgid "shadowMax attribute"
msgstr "Atribut de shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:244
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowWarning attribute"
msgstr "Atribut de shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowInactive attribute"
msgstr "Atribut de shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowExpire attribute"
msgstr "Atribut de shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowFlag attribute"
msgstr "Atribut de shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "Attribute listing authorized PAM services"
msgstr "Atribut que llista els serveis PAM autoritzats"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "Attribute listing authorized server hosts"
msgstr "Atribut que llista els servidors autoritzats"
-#: src/config/SSSDConfig/__init__.py.in:250
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "krbLastPwdChange attribute"
msgstr "Atribut de krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "krbPasswordExpiration attribute"
msgstr "Atribut de krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute indicating that server side password policies are active"
msgstr "Atribut que indica l'activació de les polítiques de contrasenya de servidor"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "accountExpires attribute of AD"
msgstr "Atribut de l'AD de accountExpires"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "userAccountControl attribute of AD"
msgstr "Atribut de l'AD de userAccountControl"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "nsAccountLock attribute"
msgstr "Atribut de nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "loginDisabled attribute of NDS"
msgstr "Atribut del NDS de loginDisabled"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "loginExpirationTime attribute of NDS"
msgstr "Atribut del NDS de loginExpirationTime"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Atribut del NDS de loginAllowedTimeMap"
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "SSH public key attribute"
msgstr "Atribut de la clau pública SSH"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "Base DN for group lookups"
msgstr "DN base per cerques de grup"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Objectclass for groups"
msgstr "Objectclass per grups"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:275
msgid "Group name"
msgstr "Nom del grup"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:276
msgid "Group password"
msgstr "Contrasenya del grup"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "GID attribute"
msgstr "Atribut GID"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group member attribute"
msgstr "Atribut del membre de grup"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group UUID attribute"
msgstr "Atribut de l'UUID de grup"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Modification time attribute for groups"
msgstr "Atribut de data de modificació per grups"
-#: src/config/SSSDConfig/__init__.py.in:273
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "Maximum nesting level SSSd will follow"
msgstr "El nivell d'imbricament màxim que seguirà l'SSSd"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:285
msgid "Base DN for netgroup lookups"
msgstr "DN base per cerques de grups de xarxa"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Objectclass for netgroups"
msgstr "Objectclass per grups de xarxa"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:287
msgid "Netgroup name"
msgstr "Nom de grup de xarxa"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Netgroups members attribute"
msgstr "Atribut de membres de grup de xarxa"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Netgroup triple attribute"
msgstr "Atribut triple de grup de xarxa"
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup UUID attribute"
msgstr "Atribut d'UUID de grup de xarxa"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Modification time attribute for netgroups"
msgstr "Atribut de data de modificació de grups de xarxa"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Base DN for service lookups"
msgstr "DN base per cerques de serveis"
-#: src/config/SSSDConfig/__init__.py.in:284
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Objectclass for services"
msgstr "Objectclass per serveis"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:295
msgid "Service name attribute"
msgstr "Atribut de nom de serveis"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Service port attribute"
msgstr "Atribut de port de serveis"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Service protocol attribute"
msgstr "Atribut de protocol de serveis"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Lower bound for ID-mapping"
msgstr "Límit inferior per mapejat d'IDs"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:301
msgid "Upper bound for ID-mapping"
msgstr "Límit superior per mapejat d'IDs"
-#: src/config/SSSDConfig/__init__.py.in:292
+#: src/config/SSSDConfig/__init__.py.in:302
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Número d'IDS per cada llesca en mapejar IDs"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Utilitza l'algoritme compatible d'autorid per mapejat d'IDs"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Name of the default domain for ID-mapping"
msgstr "Nom del domini per defecte per mapejat d'IDs"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "SID of the default domain for ID-mapping"
msgstr "SID del domini per defecte per mapejat d'IDs"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a cerques de grup"
-#: src/config/SSSDConfig/__init__.py.in:298
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Utilitza LDAP_MATCHING_RULE_IN_CHAIN per a cerques d'initgroup"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Policy to evaluate the password expiration"
msgstr "Política per avaluar l'expiració de contrasenya"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "LDAP filter to determine access privileges"
msgstr "Filtre LDAP per determinar els privilegis d'accés"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:315
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Quins atributs s'haurien d'utilitzar per avaluar si el compte està expirat"
-#: src/config/SSSDConfig/__init__.py.in:306
+#: src/config/SSSDConfig/__init__.py.in:316
msgid "Which rules should be used to evaluate access control"
msgstr "Quines regles s'haurien d'utilitzar per avaluar el control d'accés"
-#: src/config/SSSDConfig/__init__.py.in:309
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "URI of an LDAP server where password changes are allowed"
msgstr "L'URI d'un servidor LDAP on es permeten els canvis de contrasenya"
-#: src/config/SSSDConfig/__init__.py.in:310
+#: src/config/SSSDConfig/__init__.py.in:320
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "URI d'un servidor LDAP reserva on es permet canvis de contrasenya"
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:321
msgid "DNS service name for LDAP password change server"
msgstr "Nom del servei DNS pel servidor LDAP de canvi de contrasenyes"
-#: src/config/SSSDConfig/__init__.py.in:312
+#: src/config/SSSDConfig/__init__.py.in:322
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr "Si voleu actualitzar l'atribut ldap_user_shadow_last_change després d'un canvi de contrasenya"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:325
msgid "Base DN for sudo rules lookups"
msgstr "DN base per cerques de regles sudo"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:326
msgid "Automatic full refresh period"
msgstr "Període d'actualització automàtica completa"
-#: src/config/SSSDConfig/__init__.py.in:317
+#: src/config/SSSDConfig/__init__.py.in:327
msgid "Automatic smart refresh period"
msgstr "Període d'actualització automàtica intel·ligent"
-#: src/config/SSSDConfig/__init__.py.in:318
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr "Si voleu filtrar les normes per nom de màquina, adreça IP i xarxa"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:329
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo"
" rules"
msgstr "Noms de màquina i/o noms de domini plenament qualificat d'aquesta màquina per filtrar regles de sudo"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr "Adreces IPv4 o IPv6 o xarxa d'aquesta màquina per filtrar regles de sudo"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr "Si voleu incloure regles que contenen netgroup en l'atribut de màquina"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr "Si voleu incloure regles que contenen expressions regulars en l'atribut de màquina"
-#: src/config/SSSDConfig/__init__.py.in:323
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "Object class for sudo rules"
msgstr "Objectclass de les regles sudo"
-#: src/config/SSSDConfig/__init__.py.in:324
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Sudo rule name"
msgstr "Nom de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:335
msgid "Sudo rule command attribute"
msgstr "Attribut de la comanda de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Sudo rule host attribute"
msgstr "Atribut de l'ordinador de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule user attribute"
msgstr "Atribut de l'usuari de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule option attribute"
msgstr "Atribut de l'opció de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule runasuser attribute"
msgstr "Atribut de runasuser de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule runasgroup attribute"
msgstr "Atribut de runasgroup de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule notbefore attribute"
msgstr "Atribut de notbefore de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule notafter attribute"
msgstr "Atribut de notafter de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule order attribute"
msgstr "Atribut d'ordre de la regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Object class for automounter maps"
msgstr "Objectclass dels mapes automounter"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:347
msgid "Automounter map name attribute"
msgstr "Atribut del nom del mapa automounter"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:348
msgid "Object class for automounter map entries"
msgstr "Objectclass de les entrades del mapa automounter"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Automounter map entry key attribute"
msgstr "Atribut de la clau d'entrada del mapa automounter"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map entry value attribute"
msgstr "Atribut del valor de l'entrada del mapa automounter"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Base DN for automounter map lookups"
msgstr "DN base per cerques del mapa automounter"
-#: src/config/SSSDConfig/__init__.py.in:344
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Comma separated list of allowed users"
msgstr "Llista separada per comes dels usuaris autoritzats"
-#: src/config/SSSDConfig/__init__.py.in:345
+#: src/config/SSSDConfig/__init__.py.in:355
msgid "Comma separated list of prohibited users"
msgstr "Llista separada per comes dels usuaris no autoritzats"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Default shell, /bin/bash"
msgstr "Intèrpret d'ordres per defecte, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:359
msgid "Base for home directories"
msgstr "Base pels directoris d'usuari"
-#: src/config/SSSDConfig/__init__.py.in:352
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "The name of the NSS library to use"
msgstr "El nom de la biblioteca NSS a utilitzar"
-#: src/config/SSSDConfig/__init__.py.in:353
+#: src/config/SSSDConfig/__init__.py.in:363
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Cercar nom de grup canònic al cau si és possible"
-#: src/config/SSSDConfig/__init__.py.in:356
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "PAM stack to use"
msgstr "Pila PAM a utilitzar"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2644
msgid "Become a daemon (default)"
msgstr "Esdevé un dimoni (per defecte)"
-#: src/monitor/monitor.c:2648
+#: src/monitor/monitor.c:2646
msgid "Run interactive (not a daemon)"
msgstr "Executa interactivament (no com a dimoni)"
-#: src/monitor/monitor.c:2650 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Especifica un fitxer de configuració diferent al per defecte"
-#: src/monitor/monitor.c:2652
+#: src/monitor/monitor.c:2650
msgid "Print version number and exit"
msgstr "Imprimeix el número de versió i surt"
-#: src/providers/krb5/krb5_child.c:2059 src/providers/ldap/ldap_child.c:435
+#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
#: src/util/util.h:91
msgid "Debug level"
msgstr "Nivell de depuració"
-#: src/providers/krb5/krb5_child.c:2061 src/providers/ldap/ldap_child.c:437
+#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
#: src/util/util.h:95
msgid "Add debug timestamps"
msgstr "Afegeix marques de temps de depuració"
-#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:439
+#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
#: src/util/util.h:97
msgid "Show timestamps with microseconds"
msgstr "Mostra les marques de temps amb microsegons"
-#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:441
+#: src/providers/krb5/krb5_child.c:2069 src/providers/ldap/ldap_child.c:441
msgid "An open file descriptor for the debug logs"
msgstr "Un descriptor de fitxer obert pels registres de depuració"
-#: src/providers/data_provider_be.c:2704
+#: src/providers/data_provider_be.c:2709
msgid "Domain of the information provider (mandatory)"
msgstr "Domini del proveïdor d'informació (obligatori)"
@@ -1159,7 +1190,7 @@ msgstr "La contrasenya ha expirat. Canviau la vostra contrasenya ara."
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:468 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "El nivell de depuració amb el que executar-se"
@@ -1172,7 +1203,7 @@ msgstr "El domini SSSD a utilitzar"
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:499
+#: src/tools/sss_cache.c:555
msgid "Error setting the locale\n"
msgstr "S'ha produït un error en establir la localització\n"
@@ -1584,84 +1615,76 @@ msgstr "No s'ha pogut modificar l'usuari - l'usuari ja pertany als grups?\n"
msgid "Transaction error. Could not modify user.\n"
msgstr "S'ha produït un error en la transacció. No s'ha pogut modificar l'usuari.\n"
-#: src/tools/sss_cache.c:144
+#: src/tools/sss_cache.c:162
msgid "No cache object matched the specified search\n"
msgstr "Cap objecte cau ha coincidit amb la cerca especificada\n"
-#: src/tools/sss_cache.c:325
-#, c-format
-msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
-msgstr ""
-
-#: src/tools/sss_cache.c:328
-#, c-format
-msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
-msgstr ""
-
-#: src/tools/sss_cache.c:340
+#: src/tools/sss_cache.c:396
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "No s'ha pogut invalidar %1$s"
-#: src/tools/sss_cache.c:347
+#: src/tools/sss_cache.c:403
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "No s'ha pogut invalidar %1$s %2$s"
-#: src/tools/sss_cache.c:470
+#: src/tools/sss_cache.c:526
msgid "Invalidate particular user"
msgstr "Invalida l'usuari particular"
-#: src/tools/sss_cache.c:472
+#: src/tools/sss_cache.c:528
msgid "Invalidate all users"
msgstr "Invalida tots els usuaris"
-#: src/tools/sss_cache.c:474
+#: src/tools/sss_cache.c:530
msgid "Invalidate particular group"
msgstr "Invalida el grup particular"
-#: src/tools/sss_cache.c:476
+#: src/tools/sss_cache.c:532
msgid "Invalidate all groups"
msgstr "Invalida tots els grups"
-#: src/tools/sss_cache.c:478
+#: src/tools/sss_cache.c:534
msgid "Invalidate particular netgroup"
msgstr "Invalida el grup de xarxa particular"
-#: src/tools/sss_cache.c:480
+#: src/tools/sss_cache.c:536
msgid "Invalidate all netgroups"
msgstr "Invalida tots els grups de xarxa"
-#: src/tools/sss_cache.c:482
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular service"
msgstr "Invalida el servei particular"
-#: src/tools/sss_cache.c:484
+#: src/tools/sss_cache.c:540
msgid "Invalidate all services"
msgstr "Invalida tots els serveis"
-#: src/tools/sss_cache.c:487
+#: src/tools/sss_cache.c:543
msgid "Invalidate particular autofs map"
msgstr "Invalida el mapa autofs particular"
-#: src/tools/sss_cache.c:489
+#: src/tools/sss_cache.c:545
msgid "Invalidate all autofs maps"
msgstr "Invalida tots els mapes autofs"
-#: src/tools/sss_cache.c:492
+#: src/tools/sss_cache.c:548
msgid "Only invalidate entries from a particular domain"
msgstr "Invalida les entrades només d'un domini particular"
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:590
msgid "Please select at least one object to invalidate\n"
msgstr "Si us plau, seleccionau al menys un objecte per invalidar\n"
-#: src/tools/sss_cache.c:604
+#: src/tools/sss_cache.c:660
#, c-format
-msgid "Could not open domain %1$s\n"
-msgstr "No s'ha pogut obrir el domini %1$s\n"
+msgid ""
+"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
+"use fully qualified name instead of --domain/-d parameter.\n"
+msgstr ""
-#: src/tools/sss_cache.c:606
+#: src/tools/sss_cache.c:664
msgid "Could not open available domains\n"
msgstr "No s'han pogut obrir els dominis disponibles\n"
diff --git a/po/de.po b/po/de.po
index 40d0b4c6e..56886cbda 100644
--- a/po/de.po
+++ b/po/de.po
@@ -9,8 +9,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: German <trans-de@lists.fedoraproject.org>\n"
"Language: de\n"
@@ -295,797 +295,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA-Domain"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA-Serveradresse"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "IPA-Client-Rechnername"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Kerberos-Serveradresse"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Kerberos Realm"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Benutzername-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "UID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "GECOS-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Shell-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "UUID-Attribut"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Vollständiger Name"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr ""
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1093,7 +1105,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1187,8 +1199,8 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1197,24 +1209,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1281,21 +1292,21 @@ msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1316,7 +1327,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr ""
@@ -1393,7 +1404,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1506,68 +1517,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1617,72 +1628,72 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1712,6 +1723,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/es.po b/po/es.po
index 406c78521..34fae67f3 100644
--- a/po/es.po
+++ b/po/es.po
@@ -13,8 +13,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Spanish <trans-es@lists.fedoraproject.org>\n"
"Language: es\n"
@@ -322,318 +322,319 @@ msgid "Treat usernames as case sensitive"
msgstr "Trate al nombre de usuario con mayúsculas y minúsculas"
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
-"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA"
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"La interfaz cuya IP debería ser utilizada para actualizaciones DNS "
"automáticas"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-"La interfaz cuya IP debería ser utilizada para actualizaciones DNS "
-"automáticas"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "Dominio IPA"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "Dirección del servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Nombre de equipo del cliente IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Si actualizar o no en forma automática la entrada DNS del cliente en FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr "Búsqueda base para objetos HBAC"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
"Cantidad de tiempo entre búsquedas de reglas HBAC contra el servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
"Si se encuentran presentes reglas de negación (DENY) o bien se niega todo "
"(DENY_ALL) o se ignora (IGNORE)"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Si se lo define en 'false', será ignorado el argumento de equipo ofrecido "
"por PAM"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr "La ubicación de montaje automático que este cliente de IPA está usando"
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Dirección del servidor Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Reinado Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Expiración de la autenticación"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Directorio donde almacenar las credenciales cacheadas"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Ubicación del caché de credenciales del usuario"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Ubicación de la tabla de claves para validar las credenciales"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Habilitar la validación de credenciales"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
"Si se encuentra desconectado, almacena contraseñas para más tarde realizar "
"una autenticación en línea"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr "ciclo de vida renovable del TGT"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr "ciclo de vida del TGT"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr "tiempo entre dos comprobaciones para renovación "
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "Habilita FAST"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr "Selecciona el principal para su uso por FAST"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr "Habilita canonicalización principal"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"El servidor en donde está ejecutándose el servicio de modificación de "
"contraseña, en caso de no ser KDC. "
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, El URI del servidor LDAP"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "DN base predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "El Tipo de Esquema a usar en el servidor LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "El DN Bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "El tipo del token de autenticación del DN bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "El token de autenticación del DN bind predeterminado"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Tiempo durante el que se intentará la conexión"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tiempo durante el que se intentará operaciones LDAP sincrónicas"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tiempo entre intentos de reconexión cuando esté fuera de línea"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr "Use solo el caso superior para nombres reales"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Archivo que contiene los certificados CA"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Ruta hacia un directorio certificado CA"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr "Fichero que contiene el certificado de cliente"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr "Fichero que contiene la llave de cliente"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr "Lista de posibles suites de cifrado"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Requiere la verificación de certificado TLS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Especificar el mecanismo sasl a usar"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Especifique el id de autorización sasl a usar"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr "Especifica el reinado de autorización sasl a ser utilizado"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Especificar los SSF mínimos para autorizaciones sasl de LDAP"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Tabla de clave del servicio Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Usar auth Kerberos para la conexión LDAP"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Seguir referencias LDAP"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "Período de vida del TGT para la conexión LDAP"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr "Como eliminar aliases"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr "Nombre de servicio para busquedas de servicios DNS"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr "La cantidad de registros a ser obtenidos en una única consulta LDAP"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"La cantidad de miembros que deben faltar para desencadenar una deref completa"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -641,508 +642,512 @@ msgstr ""
"Si la Biblioteca LDAP debería realizar una búsqueda inversa para "
"canonicalizar el nombre del host durante un enlace SASL"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr "atributo entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr "atributo lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"El período de tiempo máximo para retener una conexión con el servidor LDAP "
"antes de desconectar"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr "Deshabilita el control de paginación LDAP"
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Tiempo máximo a esperar un pedido de búsqueda"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr "periodo de espera para solicitud de enumeración"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Tiempo en segundos entre las actualizaciones de enumeración"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr "periodo de tiempo entre borrados de la caché"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Requiere TLS para búsquedas de ID"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "DN base para búsquedas de usuario"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Ambito de las búsquedas del usuario"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Filtro para las búsquedas del usuario"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Objectclass para los usuarios"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Atributo Username"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Atributo GID primario"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "Atributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Atributo Directorio de inicio"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Atributo shell"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Atributo principal del usuario (para Kerberos) "
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Nombre completo"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Atributo hora de modificación"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr "atributo shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr "atributo shadowMin "
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr "atributo shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr "atributo shadowWarning "
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr "atributo shadowInactive "
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr "atributo shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr "atributo shadowFlag "
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr "listado de atributos de servicios PAM autorizados"
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr "Atributo de listado de equipos de servidor autorizados"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr "atributo krbLastPwdChange "
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr "atributo krbPasswordExpiration "
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"atributo indicando que las políticas de contraseña del lado del servidor "
"están activas"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr "atributo accountExpires de AD"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr "atributo userAccountControl de AD"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr "atributo nsAccountLock "
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr "loginDisabled atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr "loginExpirationTime atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "loginAllowedTimeMap atributo de NDS"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr "Atributo de clave pública SSH"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr "DN base para busqueda de grupos"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr "clase objeto para"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Nombre del grupo"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Contraseña del grupo"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "Atributo GID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr "Atributo de miembro del grupo"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr "Atributo de UUID del grupo"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr "Atributo de modificación de tiempo para los grupos"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr "A continuación, nivel SSSD de anidado máximo"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr "DN base para búsquedas de grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr "Clases de objetos para grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr "Nombre de grupo de red"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr "Atributo de miembros de grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr "Atributo triple de grupo de red"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr "Atributo UUID de miembro de red"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr "Atributo de modificación de tiempo para grupos de red"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr "Base DN para servicio de búsquedas"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr "Clase de objeto para servicio"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr "Atributo de nombre de servicio"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr "Atributo de puerto de servicio"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr "Atributo de protocolo de servidor"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Política para evaluar el vencimiento de la contraseña"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "Filtro LDAP para determinar privilegios de acceso"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Los atributos que deberán ser utilizados para evaluar si una cuenta ha "
"expirado"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr "Las reglas que deberían ser utilizadas para evaluar control de acceso"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
"URI de un servidor LDAP donde se permite la modificación de contraseñas"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
"Nombre del servicio DNS para el servidor de modificación de contraseñas LDAP"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr "Base DN para búsquedas de reglas sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr "Objeto clase para reglas sudo"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr "Nombre de regla sudo"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr "Atributo de regla de comando sudo"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr "Atributo de la regla host de sudo"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr "Atributo de la regla usuario de sudo"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr "Atributo de la regla opción de sudo"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr "Atributo de la regla suda runasuser"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr "Atributo de regla runasgroup de sudo"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr "Atributo de regla notbefore de sudo"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr "Atributo de regla noafter de sudo"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr "Atributo de regla orden de sudo"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr "Objeto clase para mapas automontador"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr "Atributo de nombre de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr "Objeto clase para entradas de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr "Atributo de clave de entrada para mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr "Atributo de valor de entrada para mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr "Base DN para búsquedas de mapa de automontador"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Lista separada por comas de usuarios autorizados"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Lista separada por comas de usuarios prohibidos"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Shell predeterminado, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Base de los directorios de inicio"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "Nombre de la biblioteca NSS a usar"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "Pila PAM a usar"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Convertirse en demonio (predeterminado)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Ejecutarse en forma interactiva (no un demonio)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Indicar un archivo de configuración diferente al predeterminado"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr "Muestra el número de versión y finaliza"
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Nive de depuración"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Agregar marcas de tiempo de depuración"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr "Mostrar marcas de tiempo con microsegundos"
@@ -1150,7 +1155,7 @@ msgstr "Mostrar marcas de tiempo con microsegundos"
msgid "An open file descriptor for the debug logs"
msgstr "Un arhivo abierto de descriptor para los registros de depuración"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del proveedor de información (obligatorio)"
@@ -1245,8 +1250,8 @@ msgstr "La contraseña ha expirado. Modifíquela en este preciso momento."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Nivel de depuración en que se debe ejecutar"
@@ -1255,24 +1260,23 @@ msgstr "Nivel de depuración en que se debe ejecutar"
msgid "The SSSD domain to use"
msgstr "El dominio SSSD a usar"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Error al poner la región\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr "Nos hay suficiente memoria\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr "Usuario no especificado\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr "Error buscando claves públicas\n"
@@ -1340,21 +1344,21 @@ msgstr "Especifique el usuario a agregar\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Error al inicializar las herramientas - no hay dominio local\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Error al inicializar las herramientas\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Dominio inválido especificado en FQDN\n"
@@ -1375,7 +1379,7 @@ msgstr "Los grupos deben estar en el mismo dominio que el usuario\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "No se pudieron establecer los valores predeterminados\n"
@@ -1454,7 +1458,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1577,71 +1581,71 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Error interno. No se pudo imprimir el grupo.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Eliminar el directorio de inicio y el receptor de correo"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "No eliminar el directorio de inicio y el receptor de correo"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Forzar la eliminación de los archivos que no pertenecen al usuario"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr "Finaliza los procesos del usuario antes de eliminarlo"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Especifique el usuario a borrar\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr "No es posible reiniciar contexto de registro de SELinux\n"
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"No es posible determinar si el usuario estaba registrado en esta plataforma"
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr "Error mientras se verificaba si el usuario se encontraba registrado\n"
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr "No eliminando el directorio de inicio - no pertenece al usuario\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"No existe ese usuario en el dominio local. La eliminación de usuarios se "
"permite en el dominio local.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Error interno. No se pudo eliminar el usuario.\n"
@@ -1696,72 +1700,72 @@ msgstr "Error de transacción. No se pudo modificar el usuario.\n"
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr "Usuario particular invalidado"
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr "Todos los usuarios invalidados"
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1791,6 +1795,6 @@ msgstr "Falta memoria\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "Envia el resultado de la depuración hacia archivos en lugar de stderr"
diff --git a/po/eu.po b/po/eu.po
index 3634e9d54..2b3a49c7c 100644
--- a/po/eu.po
+++ b/po/eu.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Basque (http://www.transifex.com/projects/p/fedora/language/"
"eu/)\n"
@@ -295,797 +295,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA domeinua"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA zerbitzariaren helbidea"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "IPA bezeroaren ostalari-izena"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "FAST gaitzen du"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr "entryUSN atributua"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr "lastUSN atributua"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "UID atributua"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "UUID atributua"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr "objectSID atributua"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Izen osoa"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr "shadowLastChange atributua"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr "shadowMin atributua"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr "shadowMax atributua"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr "shadowWarning atributua"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr "shadowInactive atributua"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr "shadowExpire atributua"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr "shadowFlag atributua"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange atributua"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration atributua"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr "ADren accountExpires atributua"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr "ADren userAccountControl atributua"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr "nsAccountLock atributua"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Talde-izena"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Taldearen pasahitza"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "GID atributua"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr "Taldearen UUID atributua"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Shell lehenetsia, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr "Inprimatu bertsio zenbakia eta irten"
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Arazketa maila"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Gehitu arazketako data-zigiluak"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1093,7 +1105,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1187,8 +1199,8 @@ msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1197,24 +1209,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr "Errorea gako publikoak bilatzean\n"
@@ -1281,21 +1292,21 @@ msgstr "Zehaztu gehitu beharreko erabiltzailea\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Errorea tresnak hasieratzean - domeinu lokalik ez\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Errorea tresnak hasieratzean\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Baliogabeko domeinua zehaztu da FQDN-n\n"
@@ -1316,7 +1327,7 @@ msgstr "Taldeek erabiltzailearen domeinu berean egon behar dute\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Ezin dira balio lehenetsiak ezarri\n"
@@ -1393,7 +1404,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1506,68 +1517,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1617,72 +1628,72 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr "Baliogabetu erabiltzaile bat"
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr "Baliogabetu erabiltzaile guztiak"
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr "Baliogabetu talde bat"
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr "Baliogabetu talde guztiak"
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr "Baliogabetu zerbitzu bat"
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr "Baliogabetu zerbitzu guztiak"
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1712,6 +1723,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/fr.po b/po/fr.po
index 9b10ef2bd..eb7c50424 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -10,8 +10,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 18:00+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:50+0000\n"
"Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n"
"Language-Team: French <trans-fr@lists.fedoraproject.org>\n"
"Language: fr\n"
@@ -331,319 +331,324 @@ msgid "Treat usernames as case sensitive"
msgstr "Considère les noms d'utilisateur comme casse dépendant"
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
-"Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA"
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
-msgstr "Le TTL à appliquer à l'entrée DNS du client après modification"
+msgid "Whether to automatically update the client's DNS entry"
+msgstr "Choisir de mettre à jour automatiquement l'entrée DNS du client"
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr "Le TTL à appliquer à l'entrée DNS du client après modification"
+
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"L'interface dont l'adresse IP doit être utilisée pour les mises à jour "
"dynamiques du DNS"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
-msgstr ""
-"Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA"
+msgstr "Fréquence de mise à jour automatique de l'entrée DNS du client"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
+"Selon que le fournisseur doit aussi ou non mettre à jour explicitement "
+"l'enregistrement PTR"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
-msgstr ""
+msgstr "Selon que l'utilitaire nsupdate doit utiliser TCP par défaut"
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-"L'interface dont l'adresse IP doit être utilisée pour les mises à jour "
-"dynamiques du DNS"
+"Quel type d'authentification doit être utilisée pour effectuer la mise à "
+"jour DNS"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "Domaine IPA"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "Adresse du serveur IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr "Adresse du serveur IPA de secours"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Nom de système du client IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Choisir de mettre à jour automatiquement l'entrée DNS du client dans FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr "Base de recherche pour les objets HBAC"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Délai entre les recherches de règles HBAC sur le serveur IPA"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr "Délai entre les recherches de cartes SELinux sur le serveur IPA"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Si les règles DENY sont présentes, utiliser soit DENY_ALL soit IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "Si mit à false, l’argument de l'hôte donné par PAM est ignoré"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
"L'emplacement de la carte de montage automatique utilisée par le client IPA"
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
"Base de recherche pour l'objet contenant les informations de base à propos "
"du domaine IPA"
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
"Base de recherche pour les objets contenant les informations à propos des "
"plages d'ID"
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
-msgstr ""
+msgstr "Activer les sites DNS - découverte de service basée sur l'emplacement"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr "Domaine Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr "Adresse du serveur Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr "Adresse du serveur Active Directory de secours"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr "Nom de système du client Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Adresse du serveur Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr "Adresse du serveur Kerberos de secours"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Domaine Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Délai avant expiration de l'authentification"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Répertoire pour stocker les caches de crédits"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Emplacement du cache de crédits de l'utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Emplacement du fichier keytab de validation des crédits"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Activer la validation des crédits"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
"Stocker le mot de passe, si hors-ligne, pour une authentification ultérieure "
"en ligne"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr "Durée de vie renouvelable du TGT"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr "Durée de vie du TGT"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr "Durée entre deux vérifications pour le renouvellement"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "Active FAST"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr "Sélectionne le principal pour être utilisé avec FAST"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr "Active la canonisation du principal"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
-msgstr ""
+msgstr "Active les principals d'entreprise"
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Serveur où tourne le service de changement de mot de passe s'il n'est pas "
"sur le KDC"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, l'adresse du serveur LDAP"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, l'URI du serveur LDAP"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "La base DN par défaut"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Le type de schéma utilisé sur le serveur LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "Le DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "Le type de jeton d'authentification du DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "Le jeton d'authentification du DN de connexion par défaut"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Durée pendant laquelle il sera tenté d'établir la connexion"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Durée pendant laquelle il sera tenté des opérations LDAP synchrones"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "Durée d'attente entre deux essais de reconnexion en mode hors-ligne"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr "N'utiliser que des majuscules pour les noms de domaine"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Fichier contenant les certificats des CA"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Chemin vers le répertoire de certificats des CA"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr "Fichier contenant le certificat client"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr "Fichier contenant la clé du client"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr "Liste des suites de chiffrement possibles"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Requiert une vérification de certificat TLS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Spécifier le mécanisme SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Spécifier l'identité d'authorisation SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr "Spécifier le domaine d'authorisation SASL à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Spécifie le minimum SSF pour l'autorisation sasl LDAP"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Service du fichier keytab de Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Utiliser l'authentification Kerberos pour la connexion LDAP"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Suivre les référents LDAP"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "Durée de vie du TGT pour la connexion LDAP"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr "Comment déréférencer les alias"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr "Nom du service pour les recherches DNS"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Le nombre d'enregistrements à récupérer dans une requête LDAP unique"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Nombre de membres qui doivent être manquants pour activer un déréférencement "
"complet"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -651,346 +656,351 @@ msgstr ""
"Est-ce que la bibliothèque LDAP doit effectuer une requête pour canoniser le "
"nom d'hôte pendant une connexion SASL ?"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr "attribut entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr "attribut lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Combien de temps conserver la connexion au serveur LDAP avant de se "
"déconnecter"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr "Désactiver le contrôle des pages LDAP"
#: src/config/SSSDConfig/__init__.py.in:226
+#, fuzzy
+msgid "Disable Active Directory range retrieval"
+msgstr "Adresse du serveur Active Directory"
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Durée d'attente pour une requête de recherche"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr "Durée d'attente pour une requête d'énumération"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Durée entre deux mises à jour d'énumération"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr "Durée entre les nettoyages de cache"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "TLS est requis pour les recherches d'identifiants"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Utilisation de la correspondance d'ID pour les objectSID au lieu d'ID pré-"
"établis"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "Base DN pour les recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Scope des recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Filtre pour les recherches d'utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Classe d'objet pour les utilisateurs"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Attribut de nom d'utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "Attribut UID"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Attribut de GID primaire"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "Attribut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Attribut de répertoire utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Attribut d'interpréteur de commandes"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "Attribut UUID"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr "attribut objectSID"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Groupe primaire Active Directory pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Attribut d'utilisateur principal (pour Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Nom complet"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "Attribut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Attribut de date de modification"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr "Attribut shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr "Attribut shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr "Attribut shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr "Attribut shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr "Attribut shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr "Attribut shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr "Attribut shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr "Attribut listant les services PAM autorisés"
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr "Attribut listant les systèmes serveurs autorisés"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr "Attribut krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr "Attribut krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"Attribut indiquant que la stratégie de mot de passe du serveur est active"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr "Attribut AD accountExpires"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr "Attribut AD userAccountControl"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr "Attribut nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr "Attribut NDS loginDisabled"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr "Attribut NDS loginExpirationTime"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Attribut NDS loginAllowedTimeMap"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr "Attribut de clé public SSH"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr "DN de base pour les recherches de groupes"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr "Classe d'objet pour les groupes"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Nom du groupe"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Mot de passe du groupe"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "Attribut GID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr "Attribut membre du groupe"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr "Attribut d'UUID du groupe"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr "Attribut de date de modification pour les groupes"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr "Niveau de récursion maximum que SSSd doit suivre"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr "DN de base pour les recherches de netgroup"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr "Classe d'objet pour les groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr "Nom du groupe réseau"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr "Attribut des membres des groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr "Attribut triplet du groupe réseau"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr "Attribut d'UUID du groupe réseau"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr "Attribut date de modification pour les groupes réseau"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr "Nom de domaine (DN) de base pour les recherches de service"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr "Classe objet pour les services"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr "Attribut de nom de service"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr "Attribut de port du service"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr "Attribut de service du protocole"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr "Limite inférieure pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr "Limite supérieure pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Nombre d'ID par tranche pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
"Utilisation d'un algorithme compatible autorid pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr "Nom du domaine par défaut pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr "SID du domaine par défaut pour la correspondance d'ID"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
"Utiliser LDAP_MATCHING_RULE_IN_CHAIN pour les recherches de groupes "
"d'initialisation"
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Stratégie d'évaluation de l'expiration du mot de passe"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "Filtre LDAP pour déterminer les autorisations d'accès"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Quels attributs utiliser pour déterminer si un compte a expiré"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr "Quelles règles utiliser pour évaluer le contrôle d'accès"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr "URI d'un serveur LDAP où les changements de mot de passe sont acceptés"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
"URI d'un serveur LDAP de secours où sont autorisées les modifications de mot "
"de passe"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr "Nom du service DNS pour le serveur de changement de mot de passe LDAP"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -998,23 +1008,23 @@ msgstr ""
"Choix de mise à jour de l'attribut ldap_user_shadow_last_change après un "
"changement de mot de passe"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr "Nom de domaine (DN) de base pour les recherches de règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr "Périodicité de rafraichissement total"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr "Périodicité de rafraichissement intelligent"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr "Filter ou non sur les noms de systèmes, adresses IP et réseaux"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1022,148 +1032,148 @@ msgstr ""
"Noms de systèmes et/ou noms pleinement qualifiés de cette machine pour "
"filtrer les règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Adresses ou réseaux IPv4 ou IPv6 de cette machine pour filtrer les règles "
"sudo"
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Inclure ou non les règles qui contiennent un netgroup dans l'attribut host"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Inclure ou non les règles qui contiennent une expression rationnelle dans "
"l'attribut host"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr "Classe objet pour les règles sudo"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr "Règle de nom sudo"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr "Attribut de commande de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr "Attribut hôte de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr "Attribut utilisateur de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr "Attribut option de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr "Attribut runasuser de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr "Attribut runasgroup de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr "Attribut notbefore de la règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr "Attribut notafter de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr "Attribut d'ordre de règle sudo"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr "Classe objet pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr "Nom de l'attribut de carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr "Classe objet pour l'entrée de référence de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr "Attribut de clé d'entrée pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr "Attribut de valeur pour la carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr "Base DN pour les requêtes de carte de montage automatique"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Liste, séparée par des virgules, d'utilisateurs autorisés"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Liste, séparée par des virgules, d'utilisateurs interdits"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Interpréteur de commande par défaut : /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Base pour les répertoires utilisateur"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "Nom de la bibliothèque NSS à utiliser"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Rechercher le nom canonique du groupe dans le cache si possible"
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "Pile PAM à utiliser"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Devenir un démon (par défaut)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Fonctionner en interactif (non démon)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Définir un fichier de configuration différent de celui par défaut"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr "Afficher le numéro de version et quitte"
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Niveau de débogage"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Ajouter l'horodatage au débogage"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr "Afficher l'horodatage en microsecondes"
@@ -1171,7 +1181,7 @@ msgstr "Afficher l'horodatage en microsecondes"
msgid "An open file descriptor for the debug logs"
msgstr "Un descripteur de fichier ouvert pour les journaux de débogage"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Domaine du fournisseur d'informations (obligatoire)"
@@ -1270,8 +1280,8 @@ msgstr "Mot de passe expiré. Changez votre mot de passe maintenant."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Le niveau de débogage utilisé avec"
@@ -1280,24 +1290,23 @@ msgstr "Le niveau de débogage utilisé avec"
msgid "The SSSD domain to use"
msgstr "Le domaine SSSD à utiliser"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Erreur lors du paramétrage de la locale\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr "Mémoire insuffisante\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr "Utilisateur non spécifié\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr "Erreur lors de la recherche des clés publiques\n"
@@ -1364,21 +1373,21 @@ msgstr "Définir l'utilisateur à ajouter à\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Erreur à l'initialisation des outils - aucun domaine local\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Erreur à l'initialisation des outils\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Domaine invalide définit dans le FQDN\n"
@@ -1399,7 +1408,7 @@ msgstr "Les groupes doivent être dans le même domaine que l'utilisateur\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr "Impossible de trouver le groupe %1$s dans le domaine local\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Impossible de définir les valeurs par défaut\n"
@@ -1483,7 +1492,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1616,77 +1625,77 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Erreur interne. Impossible d'afficher le groupe.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Suppression du répertoire personnel et de gestion des mails"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Ne pas supprimer le répertoire personnel et de gestion des mails"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Forcer la suppression des fichiers n'appartenant pas à l'utilisateur"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr "Tuer les processus de l'utilisateur avant de le supprimer"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Définir l'utilisateur à supprimer\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
"L'utilisateur %1$s est en dehors de la plage d'identifiants définie pour le "
"domaine\n"
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr "Impossible de réinitialiser le contexte de connexion SELinux\n"
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"ATTENTION : l'utilisateur (uid %1$lu) était encore connecté lors de sa "
"suppression.\n"
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"Impossible de savoir si l'utilisateur était connecté sur cette plateforme"
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr "Erreur en vérifiant si l'utilisateur était connecté\n"
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "La commande post-suppression a échoué : %1$s\n"
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"Le répertoire personnel n'est pas supprimé - l'utilisateur n'en est pas le "
"propriétaire\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Impossible de supprimer le répertoire utilisateur : %1$s\n"
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Aucun utilisateur dans le domaine local. La suppression des utilisateurs "
"n'est autorisée que dans le domaine local.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Erreur interne. Impossible de supprimer l'utilisateur.\n"
@@ -1742,72 +1751,75 @@ msgstr "Erreur de transaction. Impossible de modifier l'utlisateur.\n"
msgid "No cache object matched the specified search\n"
msgstr "Aucun object trouvé dans le cache pour la recherche spécifiée\n"
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Impossible d'invalider %1$s"
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Impossible d'invalider %1$s %2$s"
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr "Invalider un utilisateur spécifique"
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr "Invalider tous les utilisateurs"
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr "Invalider un groupe particulier"
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr "Invalider tous les groupes"
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr "Invalider un groupe réseau particulier"
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr "Invalider tous les groupes réseau"
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr "Invalidation d'un service particulier"
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr "Invalidation de tous les services"
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr "Invalidation d'une carte autofs particulière"
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr "Invalidation de toutes les cartes autofs"
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr "N'invalider des entrées que d'un domaine spécifique"
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr "Merci de sélectionner au moins un objet à invalider\n"
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
+"Impossible d'ouvrir le domaine %1$s. Si le domaine est un sous-domaine "
+"(domaine approuvé), utiliser le nom pleinement qualifié au lieu du paramètre "
+"--domain/-d.\n"
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr "Impossible d'ouvrir aucun des domaines disponibles\n"
@@ -1838,17 +1850,8 @@ msgstr "Mémoire saturée\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s doit être lancé en tant que root\n"
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
"Envoyer la sortie de débogage vers un fichier plutôt que vers la sortie "
"standard"
-
-#~ msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
-#~ msgstr "Aucun objet %1$s nommé %2$s dans le domaine %3$s, on passe\n"
-
-#~ msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
-#~ msgstr "Aucun objet de type %1$s du domaine %2$s dans le cache, on passe\n"
-
-#~ msgid "Could not open domain %1$s\n"
-#~ msgstr "Impossible d'ouvrir le domaine %1$s\n"
diff --git a/po/hu.po b/po/hu.po
index c292497d5..35d6a9717 100644
--- a/po/hu.po
+++ b/po/hu.po
@@ -9,9 +9,9 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-10 21:30+0000\n"
-"Last-Translator: ptr <ptr@ulx.hu>\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
+"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Hungarian <trans-hu@lists.fedoraproject.org>\n"
"Language: hu\n"
"MIME-Version: 1.0\n"
@@ -295,797 +295,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA-tartomány"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA kiszolgáló címe"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "IPA kliens hosztneve"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Kerberos-kiszolgáló címe"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Kerberos-tartomány"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Időtúllépés azonosításkor"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, az LDAP szerver URI-ja"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "Alapértelmezett LDAP alap-DN-je"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Az LDAP szerveren használt séma-típus, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "Az alapértelmezett bind DN"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "A kapcsolódási próbálkozás időtartama"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "A CA tanusítványokat tartalmazó fájl"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "TLS tanusítvány ellenőrzése"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "TLS megkövetelése ID keresésekor"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "GECOS attribútum"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Shell attribútum"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "UUID attribútum"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Teljes név"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "memberOf attribútum"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Csoport neve"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Csoport jelszava"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Alapértelmezett shell, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Időbélyegek a hibakeresési kimenetben"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr "Mikroszekundum pontosságú időbélyegek"
@@ -1093,7 +1105,7 @@ msgstr "Mikroszekundum pontosságú időbélyegek"
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1187,8 +1199,8 @@ msgstr "A jelszava lejárt, változtass meg most."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1197,24 +1209,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1281,21 +1292,21 @@ msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1316,7 +1327,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Nem lehet beállítani az alapértékeket\n"
@@ -1395,7 +1406,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1508,68 +1519,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Ne törölje a saját könyvtárat és a helyi levelezést"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Nem a felhasználó tulajdonában lévő fájlok törlése"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr "Felhasználó programjainak kilövése az eltávolítás előtt"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Adja meg a törlendő felhasználót\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Belső hiba történt, nem lehetett eltávolítani a felhasználót.\n"
@@ -1619,72 +1630,72 @@ msgstr "Tranzakcióhiba történt, a felhasználó nem módosítható.\n"
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1714,6 +1725,6 @@ msgstr "Elfogyott a memória\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/id.po b/po/id.po
index 6e5fad318..782d595f0 100644
--- a/po/id.po
+++ b/po/id.po
@@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Indonesian <trans-id@lists.fedoraproject.org>\n"
"Language: id\n"
@@ -293,797 +293,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "Domain IPA"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "Alamat server IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Nama host klien IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Alamat server Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Realm Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI server LDAP"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Lamanya waktu untuk mencoba koneksi"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Membutuhkan verifikasi sertifikat TLS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Tentukan mekanisme sasl yang digunakan"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Tentukan id otorisasi sasl yang digunakan"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Keytab layanan Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Lingkup pencarian pengguna"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Filter pencarian pengguna"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Objectclass untuk pengguna"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Atribut Nama pengguna"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "Atribut UID"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Atribut GID Primer"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "Atribut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Atribut direktori Home"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Atribut Shell"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "Atribut UUID"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Atribut utama pengguna (untuk Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Nama Lengkap"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "Atribut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Atribut waktu modifikasi"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Shell default, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr ""
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1091,7 +1103,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1185,8 +1197,8 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1195,24 +1207,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1279,21 +1290,21 @@ msgstr "Tentukan pengguna untuk ditambahkan\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Gagal saat menginisialisasi perkakas\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Domain yang ditentukan dalam FQDN tidak valid\n"
@@ -1314,7 +1325,7 @@ msgstr "Grup harus berada dalam domain yang sama dengan pengguna\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Tidak dapat menetapkan nilai default\n"
@@ -1392,7 +1403,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1512,70 +1523,70 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Hapus direktori home, dan spool mail"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Jangan hapus direktori home dan spool mail"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Paksa penghapusan berkas yang tidak dimiliki oleh pengguna"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Tentukan pengguna yang akan dihapus\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr "Tidak menghapus home dir - tidak dimiliki oleh pengguna\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Tidak ada pengguna seperti itu di domain lokal. Menghapus pengguna hanya "
"diperbolehkan dalam domain lokal.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Kesalahan internal. Tidak dapat menghapus pengguna.\n"
@@ -1629,72 +1640,72 @@ msgstr "Kesalahan transaksi. Pengguna tidak dapat dimodifikasi.\n"
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1724,6 +1735,6 @@ msgstr "Kehabisan memori\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/it.po b/po/it.po
index c5de2b401..36fcddf68 100644
--- a/po/it.po
+++ b/po/it.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Italian <trans-it@lists.fedoraproject.org>\n"
"Language: it\n"
@@ -301,803 +301,812 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"L'interfaccia il cui indirizzo IP dovrebbe essere usato per aggiornamenti "
"DNS dinamici."
-#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-"L'interfaccia il cui indirizzo IP dovrebbe essere usato per aggiornamenti "
-"DNS dinamici."
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "Dominio IPA"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "Indirizzo del server IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Hostname del client IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Indirizzo del server Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Realm Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Timeout di autenticazione"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Directory in cui salvare le credenziali"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Percorso della cache delle credenziali utente"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Percorso del keytab per la validazione delle credenziali"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Abilita la validazione delle credenziali"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr "Intervallo di tempo tra due controlli di rinnovo"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "Abilita FAST"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Server dove viene eseguito il servizio di cambio password, se non nel KDC"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, l'indirizzo del server LDAP"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "Il base DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Lo Schema Type utilizzato dal server LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "Il bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "Il tipo di token di autenticazione del bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "Il token di autenticazione del bind DN predefinito"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Durata del tentativo di connessione"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Durata del tentativo di esecuzione di operazioni LDAP sincrone"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "Durata tra tentativi di riconnessione quando offline"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr "Usare solo maiuscole per i nomi dei realm"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "File contenente i certificati CA"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Percorso della directory dei cerficati della CA"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr "File contenente il certificato client"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr "File contenente la chiave client"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr "Lista delle possibili cipher suite"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Richiedere la verifica del certificato TLS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Specificare il meccanismo sasl da usare"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Specificare l'id di autorizzazione sasl da usare"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Keytab del servizio Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Usare autorizzazione Kerberos per la connessione LDAP"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Seguire i referral LDAP"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr "Metodo di deferenziazione degli alias"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Durata attesa per le richieste di ricerca"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Durata tra gli aggiornamenti alle enumeration"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr "Intervallo di tempo per la pulizia cache"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Richiedere TLS per gli ID lookup"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "Base DN per i lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Ambito di applicazione dei lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Filtro per i lookup utente"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Objectclass per gli utenti"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Attributo del nome utente"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "Attributo UID"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Attributo del GID primario"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "Attributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Attributo della home directory"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Attributo della shell"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "Attributo UUID"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Attributo user principal (per Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Nome completo"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "Attributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Attributo data di modifica"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Politica per controllare la scadenza della password"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "Filtro LDAP per determinare i privilegi di accesso"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Lista separata da virgola degli utenti abilitati"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Lista separata da virgola degli utenti non abilitati"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Shell predefinita, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Base delle home directory"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "Il nome della libreria NSS da usare"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "Stack PAM da usare"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Esegui come demone (default)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Esegui interattivamente (non come demone)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Specificare un file di configurazione specifico"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Livello debug"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Includi timestamp di debug"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1105,7 +1114,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr "Un descrittore di file aperto per l'output di debug"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Dominio del provider di informazioni (obbligatorio)"
@@ -1199,8 +1208,8 @@ msgstr "Password scaduta. Cambiare la password ora."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Il livello di debug da utilizzare"
@@ -1209,24 +1218,23 @@ msgstr "Il livello di debug da utilizzare"
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Errore di impostazione del locale\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1293,21 +1301,21 @@ msgstr "Specificare un utente da aggiungere\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Errore durante l'inizializzazione degli strumenti - nessun dominio\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Errore durante l'inizializzazione degli strumenti\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Il dominio specificato nel FQDN non è valido\n"
@@ -1328,7 +1336,7 @@ msgstr "I gruppi devono essere nello stesso dominio dell'utente\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Impossibile impostare i valori predefiniti\n"
@@ -1407,7 +1415,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1531,70 +1539,70 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Errore interno. Impossibile stampare il gruppo.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Eliminare home directory e spool di mail"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Non eliminare la home directory e lo spool di mail"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Forza la rimozione dei file non di proprietà dell'utente"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Specificare l'utente da cancellare\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr "Home directory non eliminata - non appartiene all'utente\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Utente non presente nel dominio locale. L'eliminazione degli utenti è "
"permessa solo nel dominio locale.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Errore interno. Impossibile rimuovere l'utente.\n"
@@ -1648,72 +1656,72 @@ msgstr "Errore nella transazione. Impossibile modificare l'utente.\n"
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1743,6 +1751,6 @@ msgstr "Memoria esaurita\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "Redirigere l'output di debug su file anzichè stderr"
diff --git a/po/ja.po b/po/ja.po
index 42d420840..735800340 100644
--- a/po/ja.po
+++ b/po/ja.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-15 05:20+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-07 05:10+0000\n"
"Last-Translator: Tomoyuki KATO <tomo@dream.daynight.jp>\n"
"Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n"
"Language: ja\n"
@@ -300,301 +300,307 @@ msgid "Treat usernames as case sensitive"
msgstr "ユーザー名が大文字小文字を区別するよう取り扱う"
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
-msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか"
+msgid "How often should expired entries be refreshed in background"
+msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
-msgstr "クライアントの DNS 項目を更新後、適用する TTL"
+msgid "Whether to automatically update the client's DNS entry"
+msgstr "自動的にクライアントの DNS エントリーを更新するかどうか"
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr "クライアントの DNS 項目を更新後、適用する TTL"
+
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "動的 DNS 更新のために使用される IP のインターフェース"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
-msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか"
+msgstr "どのくらい定期的にクライアントの DNS エントリーを更新するか"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
+"プロバイダーが同じように PTR レコードを明示的に更新する必要があるかどうか"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
-msgstr ""
+msgstr "nsupdate ユーティリティが標準で TCP を使用するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
-msgstr "動的 DNS 更新のために使用される IP のインターフェース"
+msgstr "DNS 更新を実行するために使用すべき認証の種類"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA ドメイン"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr "バックアップ IPA サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "IPA クライアントのホスト名"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "FreeIPA にあるクライアントの DNS エントリーを自動的に更新するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr "HBAC 関連オブジェクトの検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "IPA サーバーに対する HBAC ルールを検索している間の合計時間"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr "IPA サーバーに対する SELinux マップの検索の間の秒単位の合計時間"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "DENY ルールが存在すると、DENY_ALL または IGNORE です"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "もし偽に設定されていると、 PAM により渡されたホスト引数は無視されます"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr "この IPA クライアントが使用している automounter の場所"
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr "IPA ドメインに関する情報を含むオブジェクトに対する検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr "ID 範囲に関する情報を含むオブジェクトに対する検索ベース"
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
-msgstr ""
+msgstr "DNS サイトの有効化 - 位置にサービス探索"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr "Active Directory ドメイン"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr "Active Directory サーバーアドレス"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr "Active Directory バックアップサーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr "Active Directory クライアントホスト名"
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Kerberos サーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr "Kerberos バックアップサーバーのアドレス"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Kerberos レルム"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "認証のタイムアウト"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "クレディンシャルのキャッシュを保存するディレクトリー"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "ユーザーのクレディンシャルキャッシュの位置"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "クレディンシャルを検証するキーテーブルの場所"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "クレディンシャルの検証を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr "後からオンライン認証するためにオフラインの場合にパスワードを保存します"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr "更新可能な TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr "TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr "更新を確認する間隔"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "FAST を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr "FAST に使用するプリンシパルを選択する"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr "プリンシパル正規化を有効にする"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
-msgstr ""
+msgstr "エンタープライズ・プリンシパルの有効化"
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr "KDC になければ、パスワード変更サービスが実行されているサーバー"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "デフォルトのベース DN"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "LDAP サーバーにおいて使用中のスキーマ形式, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "デフォルトのバインド DN"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "デフォルトのバインド DN の認証トークンの種類"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "デフォルトのバインド DN の認証トークン"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "接続を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "LDAP 同期操作を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "オフラインの間に再接続を試行する時間"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr "レルム名に対して大文字のみを使用する"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "CA 証明書を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "CA 証明書のディレクトリーのパス"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr "クライアント証明書を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr "クライアントの鍵を含むファイル"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr "利用可能な暗号の一覧"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "TLS 証明書の検証を要求する"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "使用する SASL メカニズムを指定する"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "使用する SASL 認可 ID を指定する"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr "使用する SASL 認可レルムを指定する"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "LDAP SASL 認可の最小 SSF を指定する"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Kerberos サービスのキーテーブル"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "LDAP 接続に対して Kerberos 認証を使用する"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "LDAP リフェラルにしたがう"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "LDAP 接続の TGT の有効期間"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr "エイリアスを参照解決する方法"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr "DNS サービス検索のサービス名"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr "単一の LDAP 問い合わせにおいて取得するレコード数"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr "完全な参照解決を引き起こすために欠けている必要があるメンバーの数"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -602,360 +608,365 @@ msgstr ""
"LDAP ライブラリーが SASL バインド中にホスト名を正規化するために逆引きを実行す"
"るかどうか"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr "entryUSN 属性"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr "lastUSN 属性"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "LDAP サーバーを切断する前に接続を保持する時間"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr "LDAP ページング制御を無効化する"
#: src/config/SSSDConfig/__init__.py.in:226
+#, fuzzy
+msgid "Disable Active Directory range retrieval"
+msgstr "Active Directory サーバーアドレス"
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "検索要求を待つ時間"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr "列挙の要求を待つ時間"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "列挙の更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr "キャッシュをクリーンアップする間隔"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "ID 検索に TLS を要求する"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "事前設定済み ID の代わりに objectSID の ID マッピングを使用します"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "ユーザー検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "ユーザー検索の範囲"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "ユーザー検索のフィルター"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "ユーザーのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "ユーザー名の属性"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "UID の属性"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "プライマリー GID の属性"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "GECOS の属性"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "ホームディレクトリの属性"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "シェルの属性"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "UUID の属性"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr "objectSID 属性"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "ID マッピングの Active Directory プライマリーグループ属性"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "ユーザープリンシパルの属性(Kerberos 用)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "氏名"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "memberOf 属性"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr "shadowLastChange 属性"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr "shadowMin 属性"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr "shadowMax 属性"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr "shadowWarning 属性"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr "shadowInactive 属性"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr "shadowExpire 属性"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr "shadowFlag 属性"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr "認可された PAM サービスを一覧化する属性"
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr "認可されたサーバーホストを一覧化する属性"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange 属性"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration 属性"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr "サーバー側パスワードポリシーが有効であることを意味する属性"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr "AD の accountExpires 属性"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr "AD の userAccountControl 属性"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr "nsAccountLock 属性"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr "NDS の loginDisabled 属性"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr "NDS の loginExpirationTime 属性"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "NDS の loginAllowedTimeMap 属性"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr "SSH 公開鍵の属性"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr "グループ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr "グループのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "グループ名"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "グループのパスワード"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "GID 属性"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr "グループメンバー属性"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr "グループ UUID 属性"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr "グループの変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr "SSSd がしたがう最大入れ子レベル"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr "ネットグループ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr "ネットグループのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr "ネットグループ名"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr "ネットグループメンバーの属性"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr "ネットグループの三つ組の属性"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr "ネットグループ UUID の属性"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr "ネットグループの変更日時の属性"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr "サービス検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr "サービスのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr "サービス名の属性"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr "サービスポートの属性"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr "サービスプロトコルの属性"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr "ID マッピングの下限"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr "ID マッピングの上限"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr "ID マッピングするとき、各スライスに対する ID の数"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "ID マッピングに対する autorid 互換アルゴリズムを使用します"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr "ID マッピングに対するデフォルトドメインの名前"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr "ID マッピングに対するデフォルトドメインの SID"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "グループ検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "初期グループの検索のために LDAP_MATCHING_RULE_IN_CHAIN を使用します"
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "パスワード失効の評価のポリシー"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "アクセス権限を決めるための LDAP フィルター"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "どの属性がアカウントが失効しているかを評価するために使用されるか"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr "どのルールがアクセス制御を評価するために使用されるか"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr "パスワードの変更が許可される LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "パスワードの変更が許可されるバックアップ LDAP サーバーの URI"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr "LDAP パスワードの変更サーバーの DNS サービス名"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr "パスワード変更後 ldap_user_shadow_last_change 属性を更新するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr "sudo ルール検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr "自動的な完全更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr "自動的なスマート更新間隔"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"ホスト名、IP アドレスおよびネットワークによるフィルタールールを使用するかどう"
"か"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -963,145 +974,145 @@ msgstr ""
"sudo ルールをフィルターするこのマシンのホスト名および/または完全修飾ドメイン"
"名"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"sudo ルールをフィルターするこのマシンの IPv4 または IPv6 アドレスまたはネット"
"ワーク"
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr "ホスト属性にネットワークグループを含むルールを含めるかどうか"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr "ホスト属性に正規表現を含むルールを含めるかどうか"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr "sudo ルールのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr "sudo ルール名"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr "sudo ルールのコマンドの属性"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr "sudo ルールのホストの属性"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr "sudo ルールのユーザーの属性"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr "sudo ルールのオプションの属性"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr "sudo ルールの runasuser の属性"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr "sudo ルールの runasgroup の属性"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr "sudo ルールの notbefore の属性"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr "sudo ルールの notafter の属性"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr "sudo ルールの order の属性"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr "automounter マップのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr "オートマウントのマップ名の属性"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr "automounter マップエントリーのオブジェクトクラス"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr "automounter マップエントリーのキー属性"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr "automounter マップエントリーの値属性"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr "automonter のマップ検索のベース DN"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "許可ユーザーのカンマ区切り一覧"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "禁止ユーザーのカンマ区切り一覧"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "デフォルトのシェル, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "ホームディレクトリーのベース"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "使用する NSS ライブラリーの名前"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr "可能ならばキャッシュから正規化されたグループ名を検索するかどうか"
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "使用する PAM スタック"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "デーモンとして実行(デフォルト)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "対話的に実行(デーモンではない)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "非標準の設定ファイルの指定"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr "バージョン番号を表示して終了する"
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "デバッグレベル"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "デバッグのタイムスタンプを追加する"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr "タイムスタンプをミリ秒単位で表示する"
@@ -1109,7 +1120,7 @@ msgstr "タイムスタンプをミリ秒単位で表示する"
msgid "An open file descriptor for the debug logs"
msgstr "デバッグログのオープンファイルディスクリプター"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "情報プロバイダーのドメイン (必須)"
@@ -1203,8 +1214,8 @@ msgstr "パスワードの期限が切れました。いますぐパスワード
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "実行するデバッグレベル"
@@ -1213,24 +1224,23 @@ msgstr "実行するデバッグレベル"
msgid "The SSSD domain to use"
msgstr "使用する SSSD ドメイン"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "ロケールの設定中にエラーが発生しました\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr "十分なメモリーがありません\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr "ユーザーが指定されていません\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr "公開鍵の検索中にエラーが発生しました\n"
@@ -1297,7 +1307,7 @@ msgstr "追加するユーザーを指定してください\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
@@ -1305,14 +1315,14 @@ msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "ツールを初期化中にエラーが発生しました\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "FQDN で指定されたドメインが無効です\n"
@@ -1333,7 +1343,7 @@ msgstr "グループがユーザーと同じドメインになければいけま
msgid "Cannot find group %1$s in local domain\n"
msgstr "ローカルドメインにグループ %1$s を見つけられません\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "デフォルト値を設定できません\n"
@@ -1412,7 +1422,7 @@ msgstr "グループ %1$s はドメインに対して定義された ID の範
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1541,73 +1551,73 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "内部エラー。グループを表示できませんでした。\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "ホームディレクトリーとメールスプールを削除する"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "ホームディレクトリーとメールスプールを削除しない"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "ユーザーにより所有されていないファイルの強制削除"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr "ユーザーを削除する前にそのユーザーのプロセスを強制停止する"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "削除するユーザーを指定する\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr "ユーザー %1$s はドメインに対して定義された ID の範囲を超えています\n"
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr "SELinux ログインコンテキストをリセットできません\n"
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"警告: ユーザー (uid %1$lu) が削除されたときにまだログインしていました。\n"
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"ユーザーがこのプラットフォームにログインしていたかを確認できませんでした"
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr "ユーザーがログインしていたかを確認中にエラーが発生しました\n"
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "削除後コマンドの実行に失敗しました: %1$s\n"
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"ホームディレクトリーを削除していません - ユーザーにより所有されていません\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "ホームディレクトリーを削除できません: %1$s\n"
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"そのようなユーザーはローカルドメインにいません。ユーザーの削除はローカルドメ"
"インにおいてのみ許可されます。\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "内部エラー。ユーザーを削除できませんでした。\n"
@@ -1661,72 +1671,74 @@ msgstr "トランザクションエラー。ユーザーを変更できません
msgid "No cache object matched the specified search\n"
msgstr "指定された検索に一致するキャッシュオブジェクトがありません\n"
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "%1$s を無効化できませんでした"
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "%1$s %2$s を無効化できませんでした"
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr "特定のユーザーを無効にする"
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr "すべてのユーザーを無効にする"
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr "特定のグループを無効にする"
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr "すべてのグループを無効にする"
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr "特定のネットワークグループを無効にする"
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr "すべてのネットワークグループを無効にする"
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr "特定のサービスの無効化"
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr "すべてのサービスの無効化"
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr "特定の autofs マップの無効化"
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr "すべての autofs マップの無効化"
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr "特定のドメインのみからエントリーを無効にする"
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr "無効化するオブジェクトを少なくとも一つ選択してください\n"
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
+"ドメイン %1$s を開けませんでした。ドメインがサブドメイン (信頼済みドメイン) "
+"であれば、--domain/-d パラメーターの代わりに完全修飾名を使用してください。\n"
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr "利用可能なドメインを開けませんでした\n"
@@ -1757,18 +1769,6 @@ msgstr "メモリー不足\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s は root として実行する必要があります\n"
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "デバッグ出力を標準エラーの代わりにファイルに送信する"
-
-#~ msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
-#~ msgstr ""
-#~ "ドメイン %3$s に %2$s という名前の %1$s はありません。スキップします\n"
-
-#~ msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
-#~ msgstr ""
-#~ "キャッシュにドメイン %2$s からの形式 %1$s のオブジェクトがありません。ス"
-#~ "キップします\n"
-
-#~ msgid "Could not open domain %1$s\n"
-#~ msgstr "ドメイン %1$s を開けませんでした\n"
diff --git a/po/nb.po b/po/nb.po
index 49d6ab891..e5d339e0a 100644
--- a/po/nb.po
+++ b/po/nb.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Norwegian Bokmål <i18n-nb@lister.ping.uio.no>\n"
"Language: nb\n"
@@ -294,797 +294,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA-domene"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA-tjeneradresse"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Vertsnavn for IPA-klient"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Tjeneradresse for Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Kerberos-område"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Tidsavbrudd for autentisering"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr ""
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1092,7 +1104,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1186,8 +1198,8 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1196,24 +1208,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1280,21 +1291,21 @@ msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1315,7 +1326,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr ""
@@ -1392,7 +1403,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1505,68 +1516,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1616,72 +1627,72 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1711,6 +1722,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/nl.po b/po/nl.po
index 6da62d34c..baca79efb 100644
--- a/po/nl.po
+++ b/po/nl.po
@@ -11,8 +11,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-03 14:40+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-07 08:40+0000\n"
"Last-Translator: Geert Warrink <geert.warrink@onsnet.nu>\n"
"Language-Team: Dutch (http://www.transifex.com/projects/p/fedora/language/"
"nl/)\n"
@@ -327,80 +327,77 @@ msgid "Treat usernames as case sensitive"
msgstr "Behandel gebruikersnamen als hoofdlettergevoelig"
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
-"Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in "
-"FreeIPA"
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
+msgid "Whether to automatically update the client's DNS entry"
+msgstr "Of de DNS ingang van de cliënt automatisch vernieuwd moet worden"
+
+#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
"De TTL die toegepast moet worden op de DNS ingang van de cliënt na het "
"vernieuwen hiervan"
-#: src/config/SSSDConfig/__init__.py.in:130
-#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"De adapter wiens IP-adres gebruikt moet worden voor het dynamisch bijwerken "
"van de DNS"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
-msgstr ""
-"Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in "
-"FreeIPA"
+msgstr "Hoe vaak de DNS ingang van de client periodiek vernieuwd moet worden"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
-msgstr ""
+msgstr "Of de provider ook de PTR record expliciet moet vernieuwen"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
-msgstr ""
+msgstr "Of het nsupdate hulpprogramma standaard TCP moet gebruiken"
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-"De adapter wiens IP-adres gebruikt moet worden voor het dynamisch bijwerken "
-"van de DNS"
+"Welke soort authenticatie moet gebruikt worden om de DNS vernieuwing uit te "
+"voeren"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA-domein"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA-serveradres"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr "Adres van back-up IPA server"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "IPA-clienthostname"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in "
"FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr "Zoek basis voor HBAC gerelateerde objecten"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
@@ -408,244 +405,248 @@ msgstr ""
"De tijdsduur in seconden tussen zoekopdrachten in de SELinux mappen voor de "
"IPA server"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Als DENY regels aanwezig zijn, dat DENY_ALL of IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Als dit op false ingesteld is, wordt het host argument gegeven door PAM "
"genegeerd"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr "De automounter locatie die door deze IPA client wordt gebruikt"
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr "Zoek in base voor object die info over IPA domein bevat "
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr "Zoek in base voor objecten die info over ID bereiken bevat"
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
-msgstr ""
+msgstr "Zet DNS sites aan - locatie gebaseerde service ontdekking"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr "Active Directory domein"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr "Active Directory server adres"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr "Active Directory back-up server adres"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr "Active Directory cliënt hostnaam"
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Kerberos-serveradres"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr "Kerberos back-up server adres"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Kerberos-rijk"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Authenticatie timeout"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Werkmap waar authenticatiegegevens opgeslagen worden"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Locatie van de authenticatiecache van de gebruiker"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Locatie van de keytab om authenticatiegegevens te valideren"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Schakel authenticatiegegevensvalidatie in"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
"Sla het wachtwoord op indien offline voor later gebruik bij online "
"authenticatie"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr "Vernieuwbare levensduur van de TGT"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr "Levensduur van de TGT"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr "Tijd tussen twee checks voor vernieuwing"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "Zet FAST aan"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr "Selecteert de hoofdpersoon te gebruiken voor FAST "
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr "Zet hoofdpersoon sanctioneren aan"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
-msgstr ""
+msgstr "Zet enterprise principals aan"
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Server waar het wachtwoord wijzigingsservice draait indien niet op de KDC"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, de URI van de LDAP server"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, De URI van de LDAP server"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "De standaard base DN"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "De standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "Het type authenticatietoken van de standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "Het authenticatietoken van de standaard bind DN"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Hoe lang pogen te verbinden"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Hoe lang proberen synchroon LDAP te benaderen"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Duur tussen pogingen om de verbinding opnieuw tot stand te brengen tijdens "
"offline zijn"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr "Gebruik alleen hoofdletters voor gebiedsnamen"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Bestand dat de bekende CA-certificaten bevat"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Pad naar de CA-certificatenmap"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr "Bestand dat het client certificaat bevat"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr "Bestand dat de client sleutel bevat"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr "Lijst van mogelijke sleutel suites"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Vereis verificatie van het TLS-certificaat"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr "Specificeer het te gebruiken sasl autorisatiegebied "
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Kerberos service keytab"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Volg LDAP-doorverwijzingen"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "Levensduur van TGT voor LDAP-connectie"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr "Hoe moet de alias referentie verwijderd worden"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr "Service naam voor DNS service opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
"Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Het aantal leden van moet ontbreken om een volledige de-referentie te "
"veroorzaken"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -653,342 +654,347 @@ msgstr ""
"Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te "
"autoriseren tijdens een SASL binding"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr "entryUSN attribuut"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr "lastUSN attribuut"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat het "
"losgekoppeld wordt"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr "Het LDAP paging besturingselement uitschakelen"
#: src/config/SSSDConfig/__init__.py.in:226
+#, fuzzy
+msgid "Disable Active Directory range retrieval"
+msgstr "Active Directory server adres"
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Tijd om te wachten op een zoekopdracht"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr "Tijdsduur te wachten voor een opsommingsverzoek"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Tijd om te wachten tussen enumeratie-updates"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr "Tijdsduur tussen cache opschoningen"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Vereis TLS voor het opzoeken van ID's"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "Base DN voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Scope voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Filter voor het opzoeken van gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Objectclass voor gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Username-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "UID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Primair GID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "GECOS-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Gebruikersmap-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Shell-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "UUID-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr "objectSID attribuut"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Active Directory primaire groep attribuut voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Userprincipal-attribuut (voor Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Volledige naam"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "memberOf-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Modification time-attribuut"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr "shadowLastChange attribuut"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr "shadowMin attribuut"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr "shadowMax attribuut"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr "shadowWarning attribuut"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr "shadowInactive attribuut"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr "shadowExpire attribuut"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr "shadowFlag attribuut"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr "Attribuut voor tonen van geautoriseerde PAM services"
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr "Attribuut dat geautoriseerde server hosts toont"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr "krbLastPwdChange attribuut"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration attribuut"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr "accountExpires attribuut van AD"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr "userAccountControl attribuut van AD"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr "nsAccountLock attribuut"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr "loginDisabled attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr "loginExpirationTime attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "loginAllowedTimeMap attribuut van NDS"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr "SSH publieke sleutel attribuut"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr "Basis DN voor groep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr "Objectklasse voor groepen"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Groepsnaam"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Groep wachtwoord"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "GID attribuut"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr "Groep deelnemer attribuut"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr "Groep UUID attribuut"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr "Verandertijd attribuut voor groepen"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr "Maximale nest niveau dat SSSd zal volgen"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr "Basis DN voor netgroep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr "Objectklasse voor netgroepen"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr "Netgroep naam"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr "Netgroep leden attribuut"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr "Netgroep triple attibuut"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr "Netgroep UUID attibuut"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr "Verandertijd attribuut voor netgroepen"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr "Basis DN voor service lookups"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr "Objectclass voor services"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr "Service naam attribuut"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr "Service port attribuut"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr "Service protocol attribuut"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr "Ondergrens voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr "Bovengrens voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Aantal ID's voor elk segment bij ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr "Naam van het standaard domein voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr "SID van het standaard domein voor ID-mapping"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor groep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Gebruik LDAP_MATCHING_RULE_IN_CHAIN voor initgroep opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Policy om wacthwoordverloop mee te evalueren"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "LDAP-filter om toegangsprivileges mee te bepalen"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Welke attributen worden gebruikt voor evaluatie als het account verlopen is"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
"Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
"URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
"URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan zijn"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr "DNS service naam voor LDAP wachtwoord verander server"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -996,23 +1002,23 @@ msgstr ""
"Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een "
"wachtwoordwijziging"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr "Basis DN voor sudo regels lookups"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr "Automatische volledige ververs periode"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr "Automatische slimme ververs periode"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1020,148 +1026,148 @@ msgstr ""
"Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine voor "
"het filteren van sudo regels"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van sudo "
"regels"
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Moeten regels toegevoegd worden die netgroep bevatten in host attribuut "
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Moeten regels toegevoegd worden die regulaire expressie bevatten in host "
"attribuut "
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr "Objectklasse voor sudo regels"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr "Sudo regelnaam"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr "Sudo regel opdracht attribuut"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr "Sudo regel host attribuut"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr "Sudo regel gebruiker attribuut"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr "Sudo regel optie attribuut"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr "Sudo regel runasuser attribuut"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr "Sudo regel runasgroup attribuut"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr "Sudo regel notbefore attribuut"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr "Sudo regel notafter attribuut"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr "Sudo regel volgorde attribuut"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr "Object class voor automounter maps"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr "Automounter map naam attribuut"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr "Objectklasse voor automounter map ingaven"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr "Automounter map sleutel ingave attribuut"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr "Automounter map ingavewaarde attribuut"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr "Basis DN voor automounter kaart opzoeken"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Kommagescheiden lijst van toegestane gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Kommagescheiden lijst van geweigerde gebruikers"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Standaard shell, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Basis voor gebruikersmappen"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "De naam van de NSS-bibliotheek die gebruikt wordt"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden "
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "PAM-stack die gebruikt wordt"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Start in de achtergrond (standaard)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Start interactief (standaard)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Geef een niet-standaard configuratiebestand op"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr "Print versie nummer en sluit af"
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Debug niveau"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Voeg tijdstempels toe aan debugberichten"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr "Toon tijdstempel met microseconden"
@@ -1169,7 +1175,7 @@ msgstr "Toon tijdstempel met microseconden"
msgid "An open file descriptor for the debug logs"
msgstr "Een geopend bestand voor de debug logs"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Domein voor de informatie provider (verplicht)"
@@ -1265,8 +1271,8 @@ msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Het debugniveau waarmee gestart wordt"
@@ -1275,24 +1281,23 @@ msgstr "Het debugniveau waarmee gestart wordt"
msgid "The SSSD domain to use"
msgstr "Hrt te gebruiken SSSD domein"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Fout bij het zetten van de locale\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr "Niet genoeg geheugen\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr "Gebruiker niet gespecificeerd\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr "Fout bij het opzoeken van publieke sleutels\n"
@@ -1359,21 +1364,21 @@ msgstr "Geef gebruiker op om toe te voegen\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Fout bij de initialisatie van de tools - geen lokaal domein\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Fout bij de initialisatie van de tools\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Verkeerd domein gespecificeerd in de FQDN\n"
@@ -1397,7 +1402,7 @@ msgstr ""
"Kan groep %1$s niet in lokale domein vinden\n"
"\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Kan de standaardwaarden niet zetten\n"
@@ -1474,7 +1479,7 @@ msgstr "Groep %1$s ligt buiten het gedefinieerde ID gebied voor domein\n"
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1605,75 +1610,75 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Interne fout. Kan de groep niet weergeven.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Verwijder gebruikersmap en postbestand"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Verwijder gebruikersmap en postbestand niet"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
"Forceer het verwijderen van bestanden die niet aan de gebruiker toebehoren"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
"Kill de processen van de gebruiker voordat de gebruiker verwijderd wordt"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Specificeer de te verwijderen gebruiker\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr "Gebruiker %1$s ligt buiten het gedefinieerde ID bereik voor domein\n"
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr "Kan de SELinux logincontext niet herstellen\n"
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"WAARSCHUWING: De gebruiker (uid %1$lu) was nog ingelogd bij het "
"verwijderen.\n"
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr "Kan niet bepalen of de gebruiker was ingelogd op dit platform"
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr "Fout bij het controleren of de gebruiker was ingelogd\n"
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "Het post-verwijder commando mislukte: %1$s\n"
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"De gebruikersmap wordt niet verwijderd - de gebruiker is geen eigenaar\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Kan persoonlijke map niet verwijderen: %1$s\n"
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Gebruiker bestaat niet in het lokale domein. Het verwijderen van gebruikers "
"is alleen in het lokale domein toegestaan.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Interne fout. Kan de gebruiker niet verwijderen.\n"
@@ -1728,72 +1733,75 @@ msgid "No cache object matched the specified search\n"
msgstr ""
"Geen enkel cache object komt overeen met de gespecificeerde zoekopdracht\n"
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Kon %1$s niet ongeldig maken"
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Kon %1$s %2$s niet ongeldig maken"
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr "Maak bepaalde gebruiker ongeldig"
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr "Maak alle gebruikers ongeldig"
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr "Maak bepaalde groep ongeldig"
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr "Maak alle groepen ongeldig"
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr "Maak bepaalde netgroep ongeldig"
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr "Maak alle netgroepen ongeldig"
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr "Maak bepaalde service ongeldig "
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr "Maak alle services ongeldig"
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr "Maak bepaalde autofs map ongeldig"
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr "Maak alle autofs mappen ongeldig"
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr "Maak alleen ingangen van een bepaald domein ongeldig"
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr "Selecteer tenminste een object om ongeldig te maken\n"
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
+"Kon domein %1$s niet openen. Als het domein een subdomein (vertrouwd domein) "
+"is, gebruik dan de volledig gekwalificeerde naam in plaats van --domain/-d "
+"parameter.\n"
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr "Kon beschikbare domeinen niet openen\n"
@@ -1823,18 +1831,6 @@ msgstr "Het geheugen zit vol\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s moet als root uitgevoerd worden\n"
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "Stuur de debuguitvoer naar bestanden in plaats van stderr"
-
-#~ msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
-#~ msgstr ""
-#~ "Er is geen %1$s met de naam %2$s in domein %3$s, wordt overgeslagen\n"
-
-#~ msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
-#~ msgstr ""
-#~ "Er zijn geen objecten met type %1$s uit domein %2$s in de cache, wordt "
-#~ "overgeslagen\n"
-
-#~ msgid "Could not open domain %1$s\n"
-#~ msgstr "Kon domein %1$s niet openen\n"
diff --git a/po/pl.po b/po/pl.po
index f67779cda..693a24f20 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -9,8 +9,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:50+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:50+0000\n"
"Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n"
"Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n"
"Language: pl\n"
@@ -321,318 +321,321 @@ msgid "Treat usernames as case sensitive"
msgstr "Rozróżnianie wielkości liter w nazwach użytkowników"
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
-"Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA"
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
-msgstr "TTL do zastosowania do wpisu DNS klienta po jego zaktualizowaniu"
+msgid "Whether to automatically update the client's DNS entry"
+msgstr "Czy automatycznie aktualizować wpis DNS klienta"
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr "TTL do zastosowania do wpisu DNS klienta po jego zaktualizowaniu"
+
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Interfejs, którego adres IP powinien być używany do dynamicznych "
"aktualizacji DNS"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
-msgstr ""
-"Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA"
+msgstr "Jak często okresowo aktualizować wpis DNS klienta"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
-msgstr ""
+msgstr "Określa, czy dostawca powinien aktualizować także wpis PTR"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
-msgstr ""
+msgstr "Określa, czy narzędzie nsupdate powinno domyślnie używać portu TCP"
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-"Interfejs, którego adres IP powinien być używany do dynamicznych "
+"Jakiego rodzaju uwierzytelnianie powinno być używane do wykonywania "
"aktualizacji DNS"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "Domena IPA"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "Adres serwera IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr "Adres zapasowego serwera IPA"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Nazwa komputera klienta IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Czy automatycznie aktualizować wpis DNS klienta w oprogramowaniu FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr "Wyszukiwanie podstawy pod kątem obiektów związanych z HBAC"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Czas między wyszukiwaniami reguł HBAC w serwerze IPA"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr "Czas w sekundach między wyszukiwaniami map SELinuksa w serwerze IPA"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Jeśli reguły DENY są dostępne, to DENY_ALL lub IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Jeśli ustawiono na fałsz, to parametr komputera podany przez PAM zostanie "
"zignorowany"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr "Położenie automountera, którego używa ten klient IPA"
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
"Podstawa wyszukiwania dla obiektów zawierających informacje o domenie IPA"
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
"Podstawa wyszukiwania dla obiektów zawierających informacje o zakresach "
"identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
-msgstr ""
+msgstr "Włącza witryny DNS - wykrywanie usług w oparciu o położenie"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr "Domena Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr "Adres serwera Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr "Adres zapasowego serwera Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr "Nazwa komputera klienta Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Adres serwera Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr "Adres zapasowego serwera Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Obszar Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Czas oczekiwania na uwierzytelnienie"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
"Katalog do przechowywania pamięci podręcznych danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Położenie pamięci podręcznej danych uwierzytelniających użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Położenie tablicy kluczy do sprawdzania danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Włącza sprawdzanie danych uwierzytelniających"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
"Przechowuje hasło, jeśli w trybie offline do późniejszego uwierzytelnienia w "
"trybie online"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr "Odnawialny czas trwania TGT"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr "Czas trwania TGT"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr "Czas między dwoma sprawdzaniami odnowy"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "Włącza FAST"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr "Wybiera naczelnika do użycia dla FAST"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr "Włącza ujednolicanie naczelnika"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
-msgstr ""
+msgstr "Włącza naczelników enterprise"
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Serwer, w którym jest uruchomiona usługa zmiany haseł, jeśli nie znajduje "
"się w KDC"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, adres URI serwera LDAP"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, adres URI serwera LDAP"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "Domyślna podstawowa DN"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Typ Schema do użycia na serwerze LDAP, RFC2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "Domyślne DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "Typ tokenu uwierzytelniania domyślnego DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "Token uwierzytelniania domyślnego DN dowiązania"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Czas do próby połączenia"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Czas do próby synchronicznych działań LDAP"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "Czas między próbami ponownego połączenia w trybie offline"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr "Użycie tylko małych znaków w nazwach obszarów"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Plik zawierający certyfikaty CA"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Ścieżka do katalogu certyfikatów CA"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr "Plik zawierający certyfikat klienta"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr "Plik zawierający klucz klienta"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr "Lista możliwych zestawów szyfrów"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Wymaga sprawdzenia certyfikatu TLS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Podaje używany mechanizm SASL"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Podaje używany identyfikator upoważnienia SASL"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr "Podaje obszar upoważnienia SASL do użycia"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Podaje minimalne SSF dla upoważnienia sasl LDAP"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Tablica kluczy usługi Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Używa uwierzytelniania Kerberos dla połączenia LDAP"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Podąża za odsyłaniami LDAP"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "Czas trwania TGT dla połączenia LDAP"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr "Jak wskazywać aliasy"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr "Nazwa usługi do wyszukiwań usługi DNS"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Liczba wpisów do pobrania w jednym zapytaniu LDAP"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr "Suma liczb, których musi brakować, aby wywołać pełne \"deref\""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -640,339 +643,344 @@ msgstr ""
"Określa, czy biblioteka LDAP powinna wykonywać odwrotne wyszukanie, aby "
"ujednolicić nazwę komputera podczas dowiązania SASL"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr "Atrybut entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr "Atrybut lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "Jak długo utrzymywać połączenie z serwerem LDAP przed rozłączeniem"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr "Wyłącza kontrolę stronicowania LDAP"
#: src/config/SSSDConfig/__init__.py.in:226
+#, fuzzy
+msgid "Disable Active Directory range retrieval"
+msgstr "Adres serwera Active Directory"
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Czas oczekiwania na żądanie wyszukiwania"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr "Czas oczekiwania na żądanie wyliczenia"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Czas między aktualizacjami wyliczania"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr "Czas między czyszczeniem pamięci podręcznej"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Wymaga TLS dla wyszukiwania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Używa mapowania identyfikatorów objectSID zamiast uprzednio ustawionych "
"identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "Podstawowe DN dla wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Zakres wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Filtruje wyszukiwania użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Klasa obiektów dla użytkowników"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Atrybut nazwy użytkownika"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "Atrybut UID"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Pierwszy atrybut GID"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "Atrybut GECOS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Atrybut katalogu domowego"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Atrybut powłoki"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "Atrybut UUID"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr "Atrybut objectSID"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Atrybut głównej grupy Active Directory dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Atrybut głównego użytkownika (dla Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Imię i nazwisko"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "Atrybut memberOf"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Atrybut czasu modyfikacji"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr "Atrybut shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr "Atrybut shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr "Atrybut shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr "Atrybut shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr "Atrybut shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr "Atrybut shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr "Atrybut shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr "Atrybut zawierający listę upoważnionych usług PAM"
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr "Atrybut zawierający listę upoważnionych komputerów serwerowych"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr "Atrybut krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr "Atrybut krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr "Atrybut wskazujący, czy polityki haseł po stronie serwera są aktywne"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr "Atrybut accountExpires AD"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr "Atrybut userAccountControl AD"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr "Atrybut nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr "Atrybut loginDisabled NDS"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr "Atrybut loginExpirationTime NDS"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Atrybut loginAllowedTimeMap NDS"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr "Atrybut klucza publicznego SSH"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr "Podstawowe DN dla wyszukiwania grup"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr "Klasa obiektów dla grup"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Nazwa grupy"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Hasło grupy"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "Atrybut GID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr "Atrybut elementu grupy"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr "Atrybut UUID grupy"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr "Atrybut czasu modyfikacji grup"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr "Maksymalny poziom zagnieżdżenia, jaki usługa SSSD będzie używała"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr "Podstawowe DN dla wyszukiwania grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr "Klasa obiektów dla grup sieciowych"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr "Nazwa grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr "Atrybut elementów grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr "Potrójny atrybut grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr "Atrybut UUID grupy sieciowej"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr "Atrybut czasu modyfikacji grup sieciowych"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr "Podstawowe DN do wyszukiwania usług"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr "Klasa obiektów dla usług"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr "Atrybut nazwy usługi"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr "Atrybut portu usługi"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr "Atrybut protokołu usługi"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr "Niższa granica dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr "Wyższa granica dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
"Liczba identyfikatorów dla każdego kawałka podczas mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Używa algorytmu zgodnego z autorid do mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr "Nazwa domyślnej domeny dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr "SID domyślnej domeny dla mapowania identyfikatorów"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Użycie LDAP_MATCHING_RULE_IN_CHAIN do wyszukiwania grup inicjacyjnych"
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Polityka do oszacowania wygaszenia hasła"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "Filtr LDAP do określenia uprawnień dostępu"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Które atrybuty powinny być używane do sprawdzenia, czy konto wygasło"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr "Które reguły powinny być używane do sprawdzania kontroli dostępu"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr "Adres URI serwera LDAP, gdzie zmiany hasła są dozwolone"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "Adres URI zapasowego serwera LDAP, gdzie zmiany hasła są dozwolone"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr "Nazwa usługi DNS serwera zmiany hasła LDAP"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -980,24 +988,24 @@ msgstr ""
"Określa, czy zaktualizować atrybut ldap_user_shadow_last_change po zmianie "
"hasła"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr "Podstawowe DN dla wyszukiwań reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr "Okres między automatycznymi pełnymi odświeżeniami"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr "Okres między automatycznymi inteligentnymi odświeżeniami"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Określa, czy filtrować reguły według nazwy komputera, adresów IP i sieci"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1005,149 +1013,149 @@ msgstr ""
"Nazwy komputerów i/lub pełne kwalifikowane nazwy domen tego komputera do "
"filtrowania reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Adresy lub sieci IPv4 lub IPv6 tego komputera do filtrowania reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Określa, czy zawierać reguły zawierające grupy sieciowe w atrybucie komputera"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Określa, czy zawierać reguły zawierające wyrażenia regularne w atrybucie "
"komputera"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr "Klasa obiektów dla reguł sudo"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr "Nazwa reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr "Atrybut polecenia reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr "Atrybut komputera reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr "Atrybut użytkownika reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr "Atrybut opcji reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr "Atrybut runasuser reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr "Atrybut runasgroup reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr "Atrybut notbefore reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr "Atrybut notafter reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr "Atrybut kolejności reguły sudo"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr "Klasa obiektów dla map automountera"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr "Atrybut nazwy mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr "Klasa obiektów dla wpisów map automountera"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr "Atrybut klucza wpisu mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr "Atrybut wartości wpisu mapy automountera"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr "Podstawowe DN dla wyszukiwań map automountera"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Lista dozwolonych użytkowników oddzielonych przecinkami"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Lista zabronionych użytkowników oddzielonych przecinkami"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Domyślna powłoka, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Podstawa katalogów domowych"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "Nazwa używanej biblioteki NSS"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
"Określa, czy wyszukiwać kanoniczną nazwę grupy w pamięci podręcznej, jeśli "
"to możliwe"
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "Używany stos PAM"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Uruchamia jako demon (domyślnie)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Uruchamia interaktywnie (nie jako demon)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Podaje niedomyślny plik konfiguracji"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr "Wyświetla numer wersji i kończy działanie"
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Poziom debugowania"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Dodaje czasy debugowania"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr "Wyświetlanie dat z mikrosekundami"
@@ -1155,7 +1163,7 @@ msgstr "Wyświetlanie dat z mikrosekundami"
msgid "An open file descriptor for the debug logs"
msgstr "Otwiera deskryptor pliku dla dzienników debugowania"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Domena dostawcy informacji (wymagane)"
@@ -1249,8 +1257,8 @@ msgstr "Hasło wygasło. Proszę je zmienić teraz."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Poziom debugowania, z jakim uruchomić"
@@ -1259,24 +1267,23 @@ msgstr "Poziom debugowania, z jakim uruchomić"
msgid "The SSSD domain to use"
msgstr "Domena SSSD do użycia"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Błąd podczas ustawiania lokalizacji\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr "Brak pamięci\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr "Nie podano użytkownika\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr "Błąd podczas wyszukiwania kluczy publicznych\n"
@@ -1343,21 +1350,21 @@ msgstr "Proszę podać użytkownika do dodania\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Błąd podczas inicjowania narzędzi - brak lokalnej domeny\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Błąd podczas inicjowania narzędzi\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Podano nieprawidłową domenę w FQDN\n"
@@ -1378,7 +1385,7 @@ msgstr "Grupy muszą być w tej samej domenie co użytkownik\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr "Nie można odnaleźć grupy %1$s w lokalnej domenie\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Nie można ustawić domyślnych wartości\n"
@@ -1459,7 +1466,7 @@ msgstr "Grupa %1$s jest poza określonym zakresem identyfikatorów dla domeny\n"
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1589,73 +1596,73 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Wewnętrzny błąd. Nie można wydrukować grupy.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Usuwa katalog domowy i bufor poczty"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Nie usuwa katalogu domowego i bufora poczty"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Wymusza usunięcie plików, których właścicielem nie jest użytkownik"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr "Usuwa procesy użytkownika przed jego usunięciem"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Proszę podać użytkownika do usunięcia\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
"Użytkownik %1$s jest poza określonym zakresem identyfikatorów dla domeny\n"
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr "Nie można przywrócić kontekstu loginu SELinuksa\n"
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"OSTRZEŻENIE: użytkownik (UID %1$lu) był zalogowany podczas jego usunięcia.\n"
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr "Nie można określić, czy użytkownik był zalogowany na tej platformie"
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr "Błąd podczas sprawdzania, czy użytkownik był zalogowany\n"
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "Polecenie po usunięciu nie powiodło się: %1$s\n"
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"Katalog domowy nie zostanie usunięty - użytkownik nie jest właścicielem\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Nie można usunąć katalogu domowego: %1$s\n"
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Nie ma takiego użytkownika w lokalnej domenie. Usuwanie użytkowników jest "
"dozwolone tylko w lokalnej domenie.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Wewnętrzny błąd. Nie można usunąć użytkownika.\n"
@@ -1711,72 +1718,75 @@ msgstr "Błąd transakcji. Nie można zmodyfikować użytkownika.\n"
msgid "No cache object matched the specified search\n"
msgstr "Żaden obiekt pamięci podręcznej nie pasuje do podanego wyszukiwania\n"
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Nie można unieważnić %1$s"
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Nie można unieważnić %1$s %2$s"
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr "Unieważnia podanego użytkownika"
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr "Unieważnia wszystkich użytkowników"
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr "Unieważnia podaną grupę"
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr "Unieważnia wszystkie grupy"
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr "Unieważnia podaną grupę sieciową"
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr "Unieważnia wszystkie grupy sieciowe"
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr "Unieważnia podaną usługę"
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr "Unieważnia wszystkie usługi"
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr "Unieważnia podaną mapę autofs"
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr "Unieważnia wszystkie mapy autofs"
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr "Unieważnia wpisy tylko z podanej domeny"
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr "Proszę wybrać co najmniej jeden obiekt do unieważnienia\n"
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
+"Nie można otworzyć domeny %1$s. Jeśli domena jest poddomeną (zaufaną "
+"domeną), należy użyć w pełni kwalifikowanej nazwy zamiast parametru --"
+"domain/-d.\n"
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr "Nie można otworzyć dostępnych domen\n"
@@ -1806,17 +1816,7 @@ msgstr "Brak pamięci\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s musi zostać uruchomione jako root\n"
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
"Wysyła wyjście debugowania do plików, zamiast do standardowego wyjścia błędów"
-
-#~ msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
-#~ msgstr "Brak %1$s o nazwie %2$s w domenie %3$s, pomijanie\n"
-
-#~ msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
-#~ msgstr ""
-#~ "Brak obiektów typu %1$s z domeny %2$s w pamięci podręcznej, pomijanie\n"
-
-#~ msgid "Could not open domain %1$s\n"
-#~ msgstr "Nie można otworzyć domeny %1$s\n"
diff --git a/po/pt.po b/po/pt.po
index 08f2487ae..f79dbc251 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Portuguese <trans-pt@lists.fedoraproject.org>\n"
"Language: pt\n"
@@ -302,799 +302,811 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "Domínio IPA"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "Endereço do servidor IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Nome da máquina do cliente IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Endereço do servidor Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Reino Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Tempo de expiração da autenticação"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Directório para armazenar as caches de credenciais"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Localização da cache de credenciais dos utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Localização da tabela de chaves (keytab) para validar credenciais"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Activar validação de credenciais"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Servidor onde está em execução o serviço de alteração de senha, se não "
"coincide com o KDC"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, O URI do servidor LDAP"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "A base DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "O DN por omissão para a ligação"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "O tipo de token de autenticação do bind DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "O token de autenticação do bind DN por omissão"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Período de tempo para tentar ligação"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tempo de espera para tentar operações LDAP síncronas"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tempo de espera entre tentativas para re-conectar quando desligado"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Ficheiro que contêm os certificados CA"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Caminho para o directório do certificado CA"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Obriga a verificação de certificados TLS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Especificar mecanismo sasl a utilizar"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Especifique o id sasl para utilizar na autorização"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Separador chave do serviço Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Utilizar autenticação Kerberos para ligações LDAP"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Seguir os referrals LDAP"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Tempo de espera por um pedido de pesquisa"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Período de tempo entre enumeração de actualizações"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Requer TLS para consultas de ID"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "DN base para pesquisa de utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Âmbito das pesquisas do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Filtro para as pesquisas do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Objectclass para utilizadores"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Atributo do nome do utilizador"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "Atributo UID"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Atributo GID primário"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "Atributo GECOS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Atributo da pasta pessoal"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Atributo da Shell"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "Atributo UUID"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Atributo principal do utilizador (para Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Nome Completo"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "Atributo memberOf"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Atributo da alteração da data"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Politica para avaliar a expiração da senha"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Lista de utilizadores autorizados separados por vírgulas"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Lista de utilizadores não autorizados separados por vírgulas"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Shell pré-definida, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Directório base para as pastas pessoais"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "O nome da biblioteca NSS a utilizar"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "Stack PAM a utilizar"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Tornar-se num serviço (omissão)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Executar interactivamente (não como serviço)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Especificar um ficheiro de configuração não standard"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Nível de depuração"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Adicionar tempos na depuração"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1102,7 +1114,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr "Um descritor de ficheiro aberto para os registos de depuração"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Domínio do fornecedor de informação (obrigatório)"
@@ -1196,8 +1208,8 @@ msgstr "A senha expirou. Altere a sua senha agora."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "O nível de depuração a utilizar durante a execução"
@@ -1206,24 +1218,23 @@ msgstr "O nível de depuração a utilizar durante a execução"
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Erro ao definir a configuração regional\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1290,21 +1301,21 @@ msgstr "Indique utilizador a adicionar\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Erro ao inicializar as ferramentas - não existe domínio local\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Erro ao inicializar as ferramentas\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Domínio inválido especificado no FQDN\n"
@@ -1325,7 +1336,7 @@ msgstr "Os grupos têm de pertencer ao mesmo domínio que o utilizador\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Incapaz de definir valores por omissão\n"
@@ -1403,7 +1414,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1525,72 +1536,72 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Erro interno. Incapaz de imprimir grupo.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Remover pasta pessoal e spool de correio"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Não remover pasta pessoal e spool de correio"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Forçar a remoção de ficheiros não pertencentes ao utilizador"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr "Mate os processos do utilizador antes de o remover"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Especificar o utilizador a remover\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr "Não foi possível redefinir o contexto SELinux para a sessão\n"
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"Não foi possível determinar se o utilizador estava autenticado nesta "
"plataforma"
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr "Erro ao verificar se o utilizador estava autenticado\n"
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr "Pasta pessoal não removida - não pertence ao utilizador\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Utilizador não existe no domínio local. Apenas é permitido remover "
"utilizadores no domínio local.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Erro interno. Incapaz de remover utilizador.\n"
@@ -1644,72 +1655,72 @@ msgstr "Erro na transacção. Não foi possível modificar o utilizador.\n"
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1739,6 +1750,6 @@ msgstr "Memória esgotada\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "Enviar o resultado de depuração para ficheiro em vez do stderr"
diff --git a/po/ru.po b/po/ru.po
index 53c28a0e9..e224e1340 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Russian <trans-ru@lists.fedoraproject.org>\n"
"Language: ru\n"
@@ -303,803 +303,812 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
-msgstr "Если требуется автоматическое обновление записи в"
+msgid "How often should expired entries be refreshed in background"
+msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "Интерфейс, адрес которого будет использован для обновления DNS"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
-msgstr "Если требуется автоматическое обновление записи в"
+msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
-msgstr "Интерфейс, адрес которого будет использован для обновления DNS"
+msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA-домен"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "адрес сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "имя узла клиента IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Если требуется автоматическое обновление записи в"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Имя сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Область действия Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Тайм-аут проверки подлинности"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Каталог для хранения кэшей учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Расположения кэша учётных данных пользователей"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Расположение keytab-файла для проверки учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Включить проверку учётных данных"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
"При отсутствии соединения сохранить пароль и пройти аутентификацию позже"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr "Сервер, на котором запущена служба смены пароля (если не на KDC)"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI сервера LDAP "
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "Base DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Тип схемы, используемой на LDAP-сервере, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "Bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "Тип маркера проверки подлинности для bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "Маркер проверки подлинности для bind DN по умолчанию"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Временной интервал для попытки соединения"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Временной интервал для попытки синхронизации операций LDAP"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Временной интервал между попытками возобновления соединения в автономного "
"режиме"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Файл содержащий сертификаты CA"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Путь к каталогу с сертификатами CA"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Требуется проверка сертификата TLS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Укажите механизм sasl"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Укажите идентификатор авторизации sasl"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Keytab-файл службы Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Использовать проверку подлинности Kerberos для LDAP-соединения"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Следовать ссылкам LDAP"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "Время жизни TGT для LDAP-соединений"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Временной интервал, в течение которого ожидать поискового запроса"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Временной интервал между обновлениями перечисления"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Требовать TLS для запросов ID"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "Base DN для поиска"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Глубина поиска"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Фильтр поиска"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Objectclass для пользователей"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Атрибут «username»"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "Атрибут «UID»"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Атрибут «primary GID»"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "Атрибут «GECOS»"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Атрибут домашнего каталога"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Атрибут оболочки"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "Атрибут «UUID»"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Атрибут участника-пользователя (для Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Полное имя"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Атрибут времени изменения"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Политика вычисления окончания срока действия пароля"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "Фильтр LDAP для определения прав доступа"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Разделённый запятыми список разрешённых пользователей"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Разделённый запятыми список запрещённых пользователей"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Оболочка по умолчанию, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Место для домашних каталогов"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "Имя используемой библиотеки NSS"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "Используемый стек PAM"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Запускаться в качестве службы (по умолчанию)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Запускаться интерактивно (не службой)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Указать файл конфигурации"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Уровень отладки"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Добавить отладочные отметки времени"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1107,7 +1116,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr "Открытый дескриптор файла для журналов отладки"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Домен поставщика информации (обязательный)"
@@ -1203,8 +1212,8 @@ msgstr "Срок действия пароля истёк. Необходимо
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Уровень отладки для запуска"
@@ -1213,24 +1222,23 @@ msgstr "Уровень отладки для запуска"
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1297,21 +1305,21 @@ msgstr "Укажите добавляемого пользователя\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Ошибка инициализации инструментов - не найден локальный домен\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Ошибка инициализации инструментов\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "В FQDN указан неверный домен\n"
@@ -1332,7 +1340,7 @@ msgstr "Группы должны быть в том же домене, что
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Не удалось установить значения по умолчанию\n"
@@ -1411,7 +1419,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1532,71 +1540,71 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Внутренняя ошибка. Невозможно напечатать группу.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Удалить домашний каталог и почтовую очередь"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Не удалять домашний каталог и почтовую очередь"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Принудительно удалять файлы, не принадлежащие пользователю"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Укажите пользователя для удаления\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
"Домашняя директория не удалена — пользователь не является её владельцем\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"В локальном домене нет такого пользователя. Удаление пользователей разрешено "
"только для локального домена.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Внутренняя ошибка. Не удалось удалить пользователя.\n"
@@ -1648,72 +1656,72 @@ msgstr "Ошибка в транзакции. Не удалось изменит
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1743,6 +1751,6 @@ msgstr "Недостаточно памяти\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "Отправлять отладочные сообщения в файлы, а не в stderr"
diff --git a/po/sssd.pot b/po/sssd.pot
index bd5c5e341..816d400d1 100644
--- a/po/sssd.pot
+++ b/po/sssd.pot
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -293,797 +293,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr ""
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1091,7 +1103,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1185,8 +1197,8 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1195,24 +1207,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1279,21 +1290,21 @@ msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1314,7 +1325,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr ""
@@ -1391,7 +1402,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1504,68 +1515,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1615,72 +1626,72 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1710,6 +1721,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/sv.po b/po/sv.po
index c7045809d..8ec179ee5 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -8,9 +8,9 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-30 09:50+0000\n"
-"Last-Translator: Göran Uddeborg <goeran@uddeborg.se>\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
+"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Swedish (http://www.transifex.com/projects/p/fedora/language/"
"sv/)\n"
"Language: sv\n"
@@ -310,303 +310,308 @@ msgid "Treat usernames as case sensitive"
msgstr "Behandla användarnamn som skiftlägeskänsliga"
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
-msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras"
+msgid "How often should expired entries be refreshed in background"
+msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
-msgstr "TTL:en att använda för klientens DNS-post efter att ha uppdaterat den"
+msgid "Whether to automatically update the client's DNS entry"
+msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
+msgid "The TTL to apply to the client's DNS entry after updating it"
+msgstr "TTL:en att använda för klientens DNS-post efter att ha uppdaterat den"
+
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr "Gränssnittet var IP skall användas för dynamiska DNS-uppdateringar"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
-msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras"
+msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
-msgstr "Gränssnittet var IP skall användas för dynamiska DNS-uppdateringar"
+msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA-domän"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA-serveradress"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr "Adress till reserv-IPA-server"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "IPA-klienvärdnamn"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr "Om klientens DNS-post i FreeIPA automatiskt skall uppdateras"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr "Sökbas för HBAC-relaterade objekt"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr "Tidsåtgången mellan uppslagningar av HBAC-reglerna mot IPA-servern"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
"Tiden i sekunder mellan uppslagningar av SELinux-mappningar mot IPA-servern"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Om det finns DENY-regler, antingen DENY_ALL eller IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr "Om satt till falskt kommer värdargument givna av PAM ignoreras"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr "Platsen för automatmonteraren denna IPA-klient använder"
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr "Sökbas för objekt som innehåller information om IPA-domänen"
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr "Sökbas för objekt som innehåller information om ID-intervall"
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr "Active Directory-domän"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr "Adress till Active Directory-server"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr "Adress till Active Directory-reservserver"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr "Active Directory-klienvärdnamn"
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Adress till server för Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr "Adress till reservserver för Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Kerberosrike"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Autentiseringstidsgräns"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Katalog att lagra kreditiv-cachar i"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Plats för användarens kreditiv-cache"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Plats för nyckeltabellen för att validera kreditiv"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Aktivera validering av kreditiv"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr "Lagra lösenord när ej ansluten för ansluten autentisering senare"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr "Förnybar livstid för TGT:n"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr "Livstid för TGT:n"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr "Tid mellan två kontroller av förnyelse"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "Aktiverar FAST"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr "Väljer huvudman att använda för FAST"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr "Aktivera kanonsisk form av huvudman"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr "Server där ändringstjänsten för lösenord kör om inte på KDC:n"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, URI:n för LDAP-servern"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, URI:n för LDAP-servern"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "Standard bas-DN"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Schematypen som används i LDAP-servern, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "Standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "Typen på autenticerings-token för standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "Autenticerings-token för standard bindnings-DN"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Tidslängd att försöka ansluta"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Tidslängd att försök synkrona LDAP-operationer"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr "Tidslängd mellan försök att återansluta vid frånkoppling"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr "Använd endast versaler för namn på riken"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Fil som innehåller CA-certifikat"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Sökväg till katalogen med CA-certifikat"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr "Fil som innehåller klientcertifikatet"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr "Fil som innehåller klientnyckeln"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr "Lista över möjliga chiffersviter"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Kräv TLS-certifikatverifiering"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Ange sasl-mekanismen att använda"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Ange sasl-auktorisering-id att använda"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr "Ange sasl-auktoriseringsrike att använda"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr "Ange minsta SSF för LDAP-sasl-auktorisering"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Kerberostjänstens nyckeltabell"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Avnänd Kerberosautenticering för LDAP-anslutning"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Följer LDAP-hänvisningar"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "Livslängd på TGT för LDAP-anslutning"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr "Hur alias skall derefereras"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr "Tjänstenamn för uppslagning av DNS-tjänster"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Antalet poster som skall hämtas i en enda LDAP-fråga"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Antalet medlemmar som måste saknas för att orsaka en fullständig dereferering"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -614,337 +619,342 @@ msgstr ""
"Huruvida LDAP-biblioteket skall utföra en omvänd uppslagning för att ta fram "
"värdnamnets kanoniska form under en SASL-bindning"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr "entryUSN-attribut"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr "lastUSN-attribut"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
"Hur länge en anslutning till LDAP-servern skall behållas före den kopplas ner"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr "Avaktivera flödesstyrningen (paging) av LDAP"
#: src/config/SSSDConfig/__init__.py.in:226
+#, fuzzy
+msgid "Disable Active Directory range retrieval"
+msgstr "Adress till Active Directory-server"
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Tidslängd att vänta på en sökbegäran"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr "Tidslängd att vänta på en uppräkningsbegäran"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Tidslängd mellan uppräkningsuppdateringar"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr "Tidslängd mellan cache-tömningar"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Kräv TLS för ID-uppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr "Använd ID-översättning av objectSID istället för pre-set ID:n"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "Bas-DN för användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Omfång av användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Filter för användaruppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Objektklass för användare"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Användarnamnsattribut"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "UID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Primärt GID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "GECOS-attribut"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Hemkatalogattribut"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Skalattribut"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "UUID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr "objectSID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr "Primärt gruppattribut i Active Directory för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Användarens huvudmansattribut (för Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Fullständigt namn"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "medlemAv-attribut"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Modifieringstidsattribut"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr "attributet shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr "shadowMin-attribut"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr "shadowMax-attribut"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr "shadowWarning-attribut"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr "shadowInactive-attribut"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr "shadowExpire-attribut"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr "shadowFlag-attribut"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr "Attribut för listning av auktoriserade PAM-tjänster"
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr "Attribut för listning av auktoriserade servervärdar"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr "attributet krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr "krbPasswordExpiration-attribut"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr "Attribut som indikerar att serversidans lösenordspolicyer är aktiva"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr "AD:s attribut accountExpires"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr "AD:s attribut userAccountControl"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr "attributet nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr "NDS attribut loginDisabled"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr "NDS attribut loginExpirationTime"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "NDS attribut loginAllowedTimeMap"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr "Attribut för publik SSH-nyckel"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr "Bas-DN för gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr "Objektklass för grupper"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Gruppnamn"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Grupplösenord"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "GID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr "Gruppmedlemsattribut"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr "Grupp-UUID-attribut"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr "Modifieringstidsattribut för grupper"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr "Maximal nästningsnivå SSSd kommer följa"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr "Bas-DN för nätgruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr "Objektklass för nätgrupper"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr "Nätgruppnamn"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr "Attribut på nätgruppmedlemmar"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr "Attribut på nätgruppstripplar"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr "Attribut på nätgrupps-UUID"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr "Modifieringstidsattribut för nätgrupper"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr "Bas-DN för tjänsteuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr "Objektklass för tjänster"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr "Tjänstenamnsattribut"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr "Tjänsteportsattribut"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr "Tjänsteprotokollsattribut"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr "Undre gräns för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr "Övre gräns för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr "Antal ID:n till varje skiva vid ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr "Använd en autorid-kompatibel algoritm för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr "Standarddomänens namn för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr "Standarddomänens SID för ID-mappning"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr "Använd LDAP_MATCHING_RULE_IN_CHAIN för init-gruppuppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Policy för att utvärdera utgång av lösenord"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "LDAP-filter för att bestämma åtkomstprivilegier"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr "Vilka attribut skall användas för att avgöra om ett konto gått ut"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr "Vilka regler skall användas för att avgöra åtkomstkontroll"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr "URI till en LDAP-server där lösenordsändringar är tillåtna"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "URI till en reserv-LDAP-server där lösenordsändringar är tillåtna"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr "DNS-tjänstenamn för LDAP-lösenordsändringsservern"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -952,24 +962,24 @@ msgstr ""
"Huruvida attributet ldap_user_shadow_last_change skall uppdateras efter en "
"ändring av lösenord"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr "Bas-DN för regeluppslagningar"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr "Intervall mellan automatisk fullständig omläsning"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr "Intervall mellan automatisk smart omläsning"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Huruvida regler skall filtreras efter värdnamn, IP-adresser och nätverk"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -977,148 +987,148 @@ msgstr ""
"Värdnamn och/eller fullständigt kvalificerade domännamn på denna maskin för "
"att filtrera sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"IPv4- eller IPv6-adresser eller -nätverk för denna maskin för att filtrera "
"sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Huruvida regler som innehåller nätgrupper i värdattribut skall inkluderas"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Huruvida regler som innehåller reguljära uttryck i värdattribut skall "
"inkluderas"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr "Objektklass för sudo-regler"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr "Sudo-regelnamn"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr "Attribut för sudo-regelkommandon"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr "Attribut för sudo-regelvärd"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr "Attribut för sudo-regelanvändare"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr "Attribut för sudo-regelflaggor"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr "Attribut för sudo-runasuser"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr "Attribut på runasgroup i sudo-regel"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr "Attribut för sudo-notbefore-regler"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr "Attribut för sudo-notafter-regler"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr "Attribut för sudo-order-regler"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr "Objektklass för automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr "Attribut för automatmonteraravbildningsnamn"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr "Objektklass för poster i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr "Attribut för postnycklar i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr "Attribut på postvärde i avbildning för automatmonteraren"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr "Bas-DN för uppslagningar i automatmonteraravbildningar"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Kommaseparerad lista över tillåtna användare"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Kommaseparerad lista över förbjudna användare"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Standardskal, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Bas för hemkataloger"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "Namnet på NSS-biblioteket att använda"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr "Huruvida kanoniska gruppnamn skall slås upp från cachen om möjligt"
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "PAM-stack att använda"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Bli en demon (standard)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Kör interaktivt (inte en demon)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Ange en konfigurationsfil annan än standard"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr "Skriv ut versionsnumret och avsluta"
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Felsökningsnivå"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Lägg till felsökningstidstämplar"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr "Visa tidsstämplar med mikrosekunder"
@@ -1126,7 +1136,7 @@ msgstr "Visa tidsstämplar med mikrosekunder"
msgid "An open file descriptor for the debug logs"
msgstr "Ett öppet filhandtag för felsökningsloggarna"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Domän för informationsleverantören (obligatoriskt)"
@@ -1220,8 +1230,8 @@ msgstr "Lösenordet har gått ut. Ändra ditt lösenord nu."
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Felsökningsnivån att köra med"
@@ -1230,24 +1240,23 @@ msgstr "Felsökningsnivån att köra med"
msgid "The SSSD domain to use"
msgstr "SSSD-domäner att använda"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Fel när lokalen sattes\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr "Inte tillräckligt med minne\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr "Ingen användare angiven\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr "Fel vid uppslagning av publika nycklar\n"
@@ -1314,21 +1323,21 @@ msgstr "Ange en användare att lägga till\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Fel vid initiering av verktygen — ingen lokal domän\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Fel vid initiering av verktygen\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "Ogiltig domän angiven i FQDN\n"
@@ -1349,7 +1358,7 @@ msgstr "Grupper måste finnas i samma domän som användaren\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr "Hittar inte gruppen %1$s i den lokala domänen\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Kan inte sätta standardvärden\n"
@@ -1428,7 +1437,7 @@ msgstr "Gruppen %1$s är utanför det definierade ID-intervallet för domänen\n
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1557,72 +1566,72 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Internt fel. Det gick inte att skriva ut gruppen.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Ta bort hemkatalog och brevlåda"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Ta inte bort hemkatalog och brevlåda"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Framtvinga borttagning av filer som inte ägs av användaren"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr "Döda anvädares processer före de tas bort"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Ange användare att ta bort\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
"Användaren %1$s är utanför det definierade ID-intervallet för domänen\n"
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr "Kan inte återställa SELinux-inloggningskontext\n"
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"VARNING: Användaren (uid %1$lu) var fortfarande inloggad när han togs bort.\n"
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr "Det går inte att avgöra om användaren var inloggad på denna plattform"
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr "Fel vid kontroll om användaren var inloggad\n"
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "Kommandot efter borttagandet misslyckades: %1$s\n"
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr "Tar inte bort hemkatalogen - ägs inte av användaren\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Kan inte ta bort hemkatalogen: %1$s\n"
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"Ingen sådan användare i den lokala domänen. Det går endast att ta bort "
"användare i den lokala domänen.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Internt fel. Det gick inte att ta bort användaren.\n"
@@ -1676,72 +1685,72 @@ msgstr "Transaktionsfel. Det gick inte att ändra användaren.\n"
msgid "No cache object matched the specified search\n"
msgstr "Inga cache-objekt matchade den angivna sökningen\n"
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Kunde inte invalidera %1$s"
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Kunde inte invalidera %1$s %2$s"
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr "Invalidera en viss användare"
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr "Invalidera alla användare"
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr "Invalidera en viss grupp"
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr "Invalidera alla grupper"
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr "Invalidera en viss nätgrupp"
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr "Invalidera alla nätgrupper"
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr "Invalidera en viss tjänst"
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr "Invalidera alla tjänster"
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr "Invalidera en viss autofs-mapp"
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr "Invalidera alla autofs-mappar"
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr "Invalidera endast poster från en viss domän"
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr "Välj åtminstone ett objekt att invalidera\n"
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr "Kunde inte öppna tillgängliga domäner\n"
@@ -1773,16 +1782,6 @@ msgstr "Slut på minne\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s måste köras som root\n"
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "Skicka felutskrifter till filer istället för standard fel"
-
-#~ msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
-#~ msgstr "Ingen %1$s med namnet %2$s i domänen %3$s, hoppar över\n"
-
-#~ msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
-#~ msgstr ""
-#~ "Inget objekt av typen %1$s från domänen %2$s i cachen, hoppar över\n"
-
-#~ msgid "Could not open domain %1$s\n"
-#~ msgstr "Kunde inte öppna domänen %1$s\n"
diff --git a/po/tg.po b/po/tg.po
index 9c796bcaa..d474441fb 100644
--- a/po/tg.po
+++ b/po/tg.po
@@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Tajik (http://www.transifex.com/projects/p/fedora/language/"
"tg/)\n"
@@ -294,797 +294,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Номи гурӯҳ"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Пароли гурӯҳ"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "Аттрибути GID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr ""
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1092,7 +1104,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1186,8 +1198,8 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1196,24 +1208,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1280,21 +1291,21 @@ msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1315,7 +1326,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr ""
@@ -1392,7 +1403,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1505,68 +1516,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1616,72 +1627,72 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1711,6 +1722,6 @@ msgstr "Берун аз хотира\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/tr.po b/po/tr.po
index 1c806668a..fad6d5dfb 100644
--- a/po/tr.po
+++ b/po/tr.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Turkish (http://www.transifex.com/projects/p/fedora/language/"
"tr/)\n"
@@ -295,797 +295,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA alanı"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Kerberos sunucu adresi"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr ""
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1093,7 +1105,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1187,8 +1199,8 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1197,24 +1209,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1281,21 +1292,21 @@ msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1316,7 +1327,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr ""
@@ -1393,7 +1404,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1506,68 +1517,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1617,72 +1628,72 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1712,6 +1723,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/uk.po b/po/uk.po
index 53b59fae4..fd9d2991b 100644
--- a/po/uk.po
+++ b/po/uk.po
@@ -4,14 +4,14 @@
#
# Translators:
# sgallagh <sgallagh@redhat.com>, 2011
-# Yuri Chornoivan <yurchor@ukr.net>, 2011-2012
+# Yuri Chornoivan <yurchor@ukr.net>, 2011-2013
# Yuri Chornoivan <yurchor@ukr.net>, 2013
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 19:22+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:50+0000\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <trans-uk@lists.fedoraproject.org>\n"
"Language: uk\n"
@@ -329,320 +329,323 @@ msgid "Treat usernames as case sensitive"
msgstr "Враховувати регістр у іменах користувачів"
#: src/config/SSSDConfig/__init__.py.in:128
-#, fuzzy
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
-"Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у "
-"FreeIPA"
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
+msgid "Whether to automatically update the client's DNS entry"
+msgstr "Визначає, чи слід автоматично оновлювати запис DNS клієнта"
+
+#: src/config/SSSDConfig/__init__.py.in:130
+#: src/config/SSSDConfig/__init__.py.in:143
msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
"TTL, який слід застосовувати до запису DNS клієнта після його оновлення"
-#: src/config/SSSDConfig/__init__.py.in:130
-#: src/config/SSSDConfig/__init__.py.in:143
+#: src/config/SSSDConfig/__init__.py.in:131
+#: src/config/SSSDConfig/__init__.py.in:144
msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
"Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS"
-#: src/config/SSSDConfig/__init__.py.in:131
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:132
msgid "How often to periodically update the client's DNS entry"
-msgstr ""
-"Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у "
-"FreeIPA"
+msgstr "Визначає, наскільки часто слід періодично оновлювати запис DNS клієнта"
-#: src/config/SSSDConfig/__init__.py.in:132
+#: src/config/SSSDConfig/__init__.py.in:133
msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
+"Визначає, чи слід надавачу даних також явним чином оновлювати запис PTR"
-#: src/config/SSSDConfig/__init__.py.in:133
+#: src/config/SSSDConfig/__init__.py.in:134
msgid "Whether the nsupdate utility should default to using TCP"
-msgstr ""
+msgstr "Визначає, чи слід програмі nsupdate типово використовувати TCP"
-#: src/config/SSSDConfig/__init__.py.in:134
-#, fuzzy
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-"Інтерфейс, чию адресу IP має бути використано для динамічних оновлень DNS"
+"Визначає тип розпізнавання, який слід використовувати для виконання "
+"оновлення DNS"
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "Домен IPA"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "Адреса сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr "Адреса резервного сервера IPA"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "Назва вузла клієнта IPA"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
"Визначає, чи слід автоматично оновлювати запис DNS клієнтського вузла у "
"FreeIPA"
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr "Шукати у базі об’єкти, пов’язані з HBAC"
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
"Інтервал часу між послідовними сеансами пошуку правил HBAC на сервері IPA"
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr "Час, у секундах, між пошуками у картах SELinux на сервері IPA"
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr "Якщо вказано правила DENY, DENY_ALL або IGNORE"
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
"Якщо встановлено значення «false», аргумент вузла, наданий PAM, буде "
"проігноровано"
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr "Адреса автоматичного монтування, яку використовує цей клієнт IPA"
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr "Шукати у базі об’єкт, що містить дані щодо домену IPA"
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr "Шукати у базі об’єкти, що містять дані щодо діапазонів ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
-msgstr ""
+msgstr "Увімкнути сайти DNS — визначення служб на основі адрес"
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr "Домен Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr "Адреса сервера Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr "Адреса резервного сервера Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr "Назва клієнтського вузла Active Directory"
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Адреса сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr "Адреса резервного сервера Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr "Область Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "Час очікування на розпізнавання"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "Каталог, де зберігатиметься кеш реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "Адреса кешу реєстраційних даних користувача"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "Адреса таблиці ключів для перевірки реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "Увімкнути перевірку реєстраційних даних"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr "Зберігати пароль у автономному режимі для розпізнавання у мережі"
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr "Поновлюваний строк дії TGT"
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr "Строк дії TGT"
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr "Граничний час між двома перевірками для поновлення"
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr "Вмикає FAST"
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr "Визначає реєстраційний запис, який слід використовувати для FAST"
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr "Вмикає перетворення реєстраційних записів у канонічну форму"
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
-msgstr ""
+msgstr "Увімкнути промислові реєстраційні дані"
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
"Сервер, на якому запущено службу зміни паролів, якщо такий не вдасться "
"виявити у KDC"
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr "ldap_uri, адреса URI сервера LDAP"
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr "ldap_backup_uri, адреса сервера LDAP"
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr "Типова базова назва домену"
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr "Тип схеми, використаний на сервері LDAP, rfc2307"
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr "Типова назва домену прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr "Тип розпізнавання для типової назви сервера прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr "Лексема розпізнавання типової назви сервера прив’язки"
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr "Проміжок часу між спробами встановлення з’єднання"
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr "Проміжок часу між спробами виконання синхронних операцій LDAP"
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
"Проміжок часу між повторними спробами встановлення з’єднання у автономному "
"режимі"
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr "Використовувати для назв областей лише великі літери"
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr "Файл, що містить сертифікати CA"
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr "Шлях до каталогу сертифікатів CA"
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr "Файл, що містить клієнтський сертифікат"
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr "Файл, що містить клієнтський ключ"
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr "Показати список можливих інструментів шифрування"
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "Потрібна перевірка сертифіката TLS"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "Вкажіть механізм SASL, який слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "Вкажіть ідентифікатор уповноваження SASL, який слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr "Вкажіть область уповноваження SASL, яку слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
"Вказати мінімальне значення SSF для розпізнавання на LDAP за допомогою sasl"
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr "Таблиця ключів служби Kerberos"
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr "Розпізнавання Kerberos для з’єднання LDAP"
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr "Переходити за посиланнями LDAP"
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr "Строк дії TGT для з’єднання LDAP"
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr "Спосіб розіменування псевдонімів"
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr "Назва служби для пошуків за допомогою служби DNS"
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr "Кількість записів, які слід отримувати у відповідь на один запит LDAP"
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
"Кількість учасників, яких має не вистачати для вмикання повного скасування "
"посилань"
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
@@ -650,349 +653,354 @@ msgstr ""
"Визначає, чи має бібліотека LDAP виконувати зворотній пошук з метою "
"переведення назв вузлів у канонічну форму під час прив’язки до SASL"
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr "Атрибут entryUSN"
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr "Атрибут lastUSN"
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr "Тривалість підтримування з’єднання з сервером LDAP перед роз’єднанням"
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr "Вимкнути контроль сторінок у LDAP"
#: src/config/SSSDConfig/__init__.py.in:226
+#, fuzzy
+msgid "Disable Active Directory range retrieval"
+msgstr "Адреса сервера Active Directory"
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "Тривалість очікування на дані запиту пошуку"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr "Тривалість очікування на дані запиту щодо переліку"
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr "Проміжок часу між оновленнями нумерації"
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr "Проміжок часу між спорожненнями кешу"
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr "Вимагати TLS для пошуків ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
"Використовувати відповідності ідентифікаторів objectSID замість попередньо "
"встановлених ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr "Базова назва домену для пошуків користувачів"
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr "Діапазон пошуків користувачів"
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr "Фільтр пошуку користувачів"
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr "Клас об’єктів для користувачів"
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr "Атрибут імені користувача"
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr "Атрибут UID"
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr "Головний атрибут GID"
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr "Атрибут GECOS"
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr "Атрибут домашнього каталогу"
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr "Атрибут оболонки"
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr "Атрибут UUID"
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr "Атрибут objectSID"
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
"Атрибут основної групи Active Directory для встановлення відповідності "
"ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr "Атрибут реєстраційного запису користувача (для Kerberos)"
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "Повне ім'я"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr "Атрибут memberOf"
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr "Атрибут часу зміни"
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr "Атрибут shadowLastChange"
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr "Атрибут shadowMin"
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr "Атрибут shadowMax"
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr "Атрибут shadowWarning"
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr "Атрибут shadowInactive"
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr "Атрибут shadowExpire"
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr "Атрибут shadowFlag"
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr "Атрибути зі списком уповноважених служб PAM"
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr "Атрибути зі списком уповноважених серверних вузлів"
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr "Атрибут krbLastPwdChange"
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr "Атрибут krbPasswordExpiration"
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
"Атрибут, що відповідає за активізацію правил обробки паролів на боці сервера"
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr "Атрибут accountExpires AD"
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr "Атрибут userAccountControl AD"
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr "Атрибут nsAccountLock"
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr "Атрибут loginDisabled NDS"
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr "Атрибут loginExpirationTime NDS"
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr "Атрибут loginAllowedTimeMap NDS"
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr "Атрибут відкритого ключа SSH"
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr "Базова назва домену для пошуків груп"
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr "Клас об’єктів для груп"
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr "Назва групи"
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr "Пароль групи"
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr "Атрибут GID"
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr "Атрибут членства у групі"
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr "Атрибут UUID групи"
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr "Атрибут часу зміни для груп"
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr "Максимальний рівень вкладеності, який використовуватиме SSSD"
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr "Базова назва домену для пошуків груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr "Клас об’єктів для груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr "Назва мережевої групи"
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr "Атрибут членства у групах у мережі"
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr "Атрибут трійки груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr "Атрибут UUID груп у мережі"
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr "Атрибут часу зміни для мережевих груп"
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr "Базова сервер назв домену для пошуку служб"
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr "Клас об’єктів для служб"
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr "Атрибут назви служби"
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr "Атрибут порту служби"
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr "Атрибут протоколу служби"
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr "Нижня межа встановлення відповідності ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr "Верхня межа встановлення відповідності ідентифікатора"
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
"Кількість ідентифікаторів для кожного зрізу під час встановлення "
"відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
"Використовувати для встановлення відповідності ідентифікаторів алгоритм, "
"сумісний з autorid"
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr "Назва типового домену для встановлення відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr "SID типового домену для встановлення відповідності ідентифікаторів"
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr "Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків груп (group)"
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
"Використовувати LDAP_MATCHING_RULE_IN_CHAIN щодо пошуків початкових груп "
"(initgroup)"
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "Правила оцінки завершення строку дії пароля"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr "Фільтр LDAP для визначення прав доступу"
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
"Атрибути які слід використовувати для визначення чинності облікового запису"
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
"Правила, які має бути використано для визначення достатності прав доступу"
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr "Адреса на сервері LDAP, для якої можливі зміни паролів"
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr "Адреса резервного сервера LDAP, для якої можливі зміни паролів"
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr "Назва у службі DNS сервера зміни паролів LDAP"
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
@@ -1000,25 +1008,25 @@ msgstr ""
"Визначає, чи слід оновлювати атрибут ldap_user_shadow_last_change після "
"зміни пароля"
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr "Базова назва домену для пошуків правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr "Період автоматичного повного оновлення даних"
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr "Період автоматичного кмітливого оновлення даних"
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
"Визначає, чи слід фільтрувати правила за назвами вузлів, IP-адресами та "
"мережами"
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
@@ -1026,152 +1034,152 @@ msgstr ""
"Назви вузлів і/або повні назви у домені для цього комп’ютера для "
"фільтрування списку правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
"Адреси IPv4 або IPv6 чи мережа цього комп’ютера для фільтрування списку "
"правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
"Визначає, чи слід включати правила, що містять мережеву групу у атрибуті "
"вузла"
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
"Визначає, чи слід включати правила, що містять формальний вираз у атрибуті "
"вузла"
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr "Клас об’єктів для правил sudo"
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr "Назва правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr "Атрибут команди правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr "Атрибут вузла правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr "Атрибут користувача правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr "Атрибут параметрів правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
"Атрибут користувача, від імені якого виконуватиметься запуск, правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr "Атрибут групи, від імені якої виконуватиметься запуск, правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr "Атрибут граничного часу початку дії правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr "Атрибут граничного часу завершення дії правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr "Атрибут порядку правила sudo"
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr "Клас об’єктів для карт автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr "Атрибут назви карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr "Клас об’єктів для записів карт автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr "Атрибут ключа запису карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr "Атрибут значення запису карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr "Базовий сервер назв домену для пошуків карти автоматичного монтування"
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "Відокремлений комами список дозволених користувачів"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "Відокремлений комами список заборонених користувачів"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "Типова оболонка, /bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr "Базова адреса домашніх каталогів"
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "Назва бібліотеки NSS, яку слід використовувати"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
"Визначає, чи слід виконувати пошук канонічної назви групи у кеші, якщо це "
"можливо"
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "Стек PAM, який слід використовувати"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "Запуститися фонову службу (типова поведінка)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "Запустити у інтерактивному режимі (без фонової служби)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "Вказати нетиповий файл налаштувань"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr "Вивести номер версії і завершити роботу"
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "Рівень зневаджування"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "Додавати діагностичні часові позначки"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr "Показувати мікросекунди у часових позначках"
@@ -1179,7 +1187,7 @@ msgstr "Показувати мікросекунди у часових позн
msgid "An open file descriptor for the debug logs"
msgstr "Дескриптор відкритого файла для запису журналів діагностики"
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr "Домен надання відомостей (обов’язковий)"
@@ -1273,8 +1281,8 @@ msgstr "Строк дії пароля вичерпано. Змініть ваш
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr "Рівень діагностики під час запуску"
@@ -1283,24 +1291,23 @@ msgstr "Рівень діагностики під час запуску"
msgid "The SSSD domain to use"
msgstr "Домен SSSD, який слід використовувати"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "Помилка під час спроби встановити локаль\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr "Недостатньо пам’яті\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr "Не вказано користувача\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr "Помилка під час спроби пошуку відкритих ключів\n"
@@ -1367,21 +1374,21 @@ msgstr "Вкажіть користувача, запис якого слід д
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "Помилка ініціалізації інструментів: немає локального домену\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "Помилка ініціалізації інструментів\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "У FQDN вказано некоректний домен\n"
@@ -1402,7 +1409,7 @@ msgstr "Групи мають належати до того самого дом
msgid "Cannot find group %1$s in local domain\n"
msgstr "Не вдалося знайти групу %1$s у локальному домені\n"
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "Не вдалося встановити типові значення\n"
@@ -1485,7 +1492,7 @@ msgstr "Група %1$s не належить визначеному діапа
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1616,74 +1623,74 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr "Внутрішня помилка. Не вдалося вивести дані групи.\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr "Вилучити домашній каталог і поштовий буфер"
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr "Не вилучати домашній каталог і поштовий буфер"
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "Примусово вилучити файли, які не належать користувачеві"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr "Припинити роботу процесів користувача перед вилученням його запису"
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "Вкажіть користувача, запис якого слід вилучити\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
"Користувач %1$s не належить визначеному діапазону ідентифікаторів домену\n"
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr "Не вдалося відновити початковий контекст входу SELinux\n"
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
"ПОПЕРЕДЖЕННЯ: користувач (uid %1$lu) все ще працював у системі на час "
"вилучення його запису.\n"
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
"Не вдалося визначити, чи увійшов користувач до системи на цій платформі"
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr "Помилка під час перевірки входу користувача до системи\n"
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr "Помилка команди, яку слід було виконати після вилучення запису: %1$s\n"
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr "Домашній каталог не буде вилучено. Він не належить користувачеві.\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr "Не вдалося вилучити домашній каталог: %1$s\n"
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
"У локальному домені немає такого користувача. Вилучення користувачів можливе "
"лише у межах локального домену.\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "Внутрішня помилка Не вдалося вилучити запис користувача.\n"
@@ -1739,73 +1746,75 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr "Вказаному критерію пошуку не відповідає жоден об’єкт у кеші\n"
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr "Не вдалося скасувати визначення %1$s"
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr "Не вдалося скасувати визначення %1$s %2$s"
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr "Скасувати визначення певного користувача"
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr "Скасувати визначення всіх користувачів"
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr "Скасувати визначення певної групи"
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr "Скасувати визначення всіх груп"
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr "Скасувати визначення певної мережевої групи"
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr "Скасувати визначення всіх мережевих груп"
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr "Скасувати визначення певної служби"
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr "Скасувати визначення всіх служб"
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr "Скасувати визначення певну карту autofs"
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr "Скасувати визначення всіх карт autofs"
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr "Скасувати визначення лише записів з певного домену"
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
"Будь ласка, виберіть принаймні один об’єкт для скасовування відповідності\n"
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
+"Не вдалося відкрити домен %1$s. Якщо цей домен є піддоменом (довіреним "
+"доменом), скористайтеся повною назвою замість параметра --domain/-d.\n"
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr "Не вдалося відкрити доступні домени\n"
@@ -1835,15 +1844,6 @@ msgstr "Не вистачає пам'яті\n"
msgid "%1$s must be run as root\n"
msgstr "%1$s слід запускати від імені користувача root\n"
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "Надіслати діагностичні дані до файлів, а не до stderr"
-
-#~ msgid "No such %1$s named %2$s in domain %3$s, skipping\n"
-#~ msgstr "У домені %3$s немає %1$s з назвою %2$s, пропускаємо\n"
-
-#~ msgid "No objects of type %1$s from domain %2$s in the cache, skipping\n"
-#~ msgstr "У кеші немає об’єктів типу %1$s з домену %2$s, пропускаємо\n"
-
-#~ msgid "Could not open domain %1$s\n"
-#~ msgstr "Не вдалося відкрити домен %1$s\n"
diff --git a/po/zh_CN.po b/po/zh_CN.po
index 721333136..b23ca6d77 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Chinese (China) <trans-zh_cn@lists.fedoraproject.org>\n"
"Language: zh_CN\n"
@@ -294,797 +294,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA 服务器地址"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr "IPA 备份服务器地址"
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Kerberos 服务器地址"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "验证超时"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr ""
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr ""
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr ""
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr ""
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr ""
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr ""
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1092,7 +1104,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1186,8 +1198,8 @@ msgstr ""
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1196,24 +1208,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1280,21 +1291,21 @@ msgstr ""
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr ""
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr ""
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr ""
@@ -1315,7 +1326,7 @@ msgstr ""
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr ""
@@ -1392,7 +1403,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1505,68 +1516,68 @@ msgstr ""
msgid "Internal error. Could not print group.\n"
msgstr ""
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr ""
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr ""
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr ""
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr ""
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr ""
@@ -1616,72 +1627,72 @@ msgstr ""
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1711,6 +1722,6 @@ msgstr ""
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr ""
diff --git a/po/zh_TW.po b/po/zh_TW.po
index d31ec5f0a..4f15b389f 100644
--- a/po/zh_TW.po
+++ b/po/zh_TW.po
@@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
-"POT-Creation-Date: 2013-05-03 21:13+0200\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:03+0200\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Chinese (Taiwan) <trans-zh_TW@lists.fedoraproject.org>\n"
"Language: zh_TW\n"
@@ -293,797 +293,809 @@ msgid "Treat usernames as case sensitive"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:128
-msgid "Whether to automatically update the client's DNS entry"
+msgid "How often should expired entries be refreshed in background"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:129
-#: src/config/SSSDConfig/__init__.py.in:142
-msgid "The TTL to apply to the client's DNS entry after updating it"
+msgid "Whether to automatically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:130
#: src/config/SSSDConfig/__init__.py.in:143
-msgid "The interface whose IP should be used for dynamic DNS updates"
+msgid "The TTL to apply to the client's DNS entry after updating it"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:131
-msgid "How often to periodically update the client's DNS entry"
+#: src/config/SSSDConfig/__init__.py.in:144
+msgid "The interface whose IP should be used for dynamic DNS updates"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:132
-msgid "Whether the provider should explicitly update the PTR record as well"
+msgid "How often to periodically update the client's DNS entry"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:133
-msgid "Whether the nsupdate utility should default to using TCP"
+msgid "Whether the provider should explicitly update the PTR record as well"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:134
+msgid "Whether the nsupdate utility should default to using TCP"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:135
msgid "What kind of authentication should be used to perform the DNS update"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:137
+#: src/config/SSSDConfig/__init__.py.in:138
msgid "IPA domain"
msgstr "IPA 網域"
-#: src/config/SSSDConfig/__init__.py.in:138
+#: src/config/SSSDConfig/__init__.py.in:139
msgid "IPA server address"
msgstr "IPA 伺服器位址"
-#: src/config/SSSDConfig/__init__.py.in:139
+#: src/config/SSSDConfig/__init__.py.in:140
msgid "Address of backup IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:140
+#: src/config/SSSDConfig/__init__.py.in:141
msgid "IPA client hostname"
msgstr "IPA 客戶端主機名稱"
-#: src/config/SSSDConfig/__init__.py.in:141
+#: src/config/SSSDConfig/__init__.py.in:142
msgid "Whether to automatically update the client's DNS entry in FreeIPA"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:144
+#: src/config/SSSDConfig/__init__.py.in:145
msgid "Search base for HBAC related objects"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:145
+#: src/config/SSSDConfig/__init__.py.in:146
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:146
+#: src/config/SSSDConfig/__init__.py.in:147
msgid ""
"The amount of time in seconds between lookups of the SELinux maps against "
"the IPA server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:147
+#: src/config/SSSDConfig/__init__.py.in:148
msgid "If DENY rules are present, either DENY_ALL or IGNORE"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:148
+#: src/config/SSSDConfig/__init__.py.in:149
msgid "If set to false, host argument given by PAM will be ignored"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:149
+#: src/config/SSSDConfig/__init__.py.in:150
msgid "The automounter location this IPA client is using"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:150
+#: src/config/SSSDConfig/__init__.py.in:151
msgid "Search base for object containing info about IPA domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:151
+#: src/config/SSSDConfig/__init__.py.in:152
msgid "Search base for objects containing info about ID ranges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:152
-#: src/config/SSSDConfig/__init__.py.in:159
+#: src/config/SSSDConfig/__init__.py.in:153
+#: src/config/SSSDConfig/__init__.py.in:160
msgid "Enable DNS sites - location based service discovery"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:155
+#: src/config/SSSDConfig/__init__.py.in:156
msgid "Active Directory domain"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:156
+#: src/config/SSSDConfig/__init__.py.in:157
msgid "Active Directory server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:157
+#: src/config/SSSDConfig/__init__.py.in:158
msgid "Active Directory backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:158
+#: src/config/SSSDConfig/__init__.py.in:159
msgid "Active Directory client hostname"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:162
#: src/config/SSSDConfig/__init__.py.in:163
+#: src/config/SSSDConfig/__init__.py.in:164
msgid "Kerberos server address"
msgstr "Kerberos 伺服器位址"
-#: src/config/SSSDConfig/__init__.py.in:164
+#: src/config/SSSDConfig/__init__.py.in:165
msgid "Kerberos backup server address"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:165
+#: src/config/SSSDConfig/__init__.py.in:166
msgid "Kerberos realm"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:166
+#: src/config/SSSDConfig/__init__.py.in:167
msgid "Authentication timeout"
msgstr "認證逾時"
-#: src/config/SSSDConfig/__init__.py.in:169
+#: src/config/SSSDConfig/__init__.py.in:168
+msgid "Whether to create kdcinfo files"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:171
msgid "Directory to store credential caches"
msgstr "儲存憑證快取的目錄"
-#: src/config/SSSDConfig/__init__.py.in:170
+#: src/config/SSSDConfig/__init__.py.in:172
msgid "Location of the user's credential cache"
msgstr "使用者憑證快取的位置"
-#: src/config/SSSDConfig/__init__.py.in:171
+#: src/config/SSSDConfig/__init__.py.in:173
msgid "Location of the keytab to validate credentials"
msgstr "驗證憑證用的金鑰表格位置"
-#: src/config/SSSDConfig/__init__.py.in:172
+#: src/config/SSSDConfig/__init__.py.in:174
msgid "Enable credential validation"
msgstr "啟用憑證驗證"
-#: src/config/SSSDConfig/__init__.py.in:173
+#: src/config/SSSDConfig/__init__.py.in:175
msgid "Store password if offline for later online authentication"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:174
+#: src/config/SSSDConfig/__init__.py.in:176
msgid "Renewable lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:175
+#: src/config/SSSDConfig/__init__.py.in:177
msgid "Lifetime of the TGT"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:176
+#: src/config/SSSDConfig/__init__.py.in:178
msgid "Time between two checks for renewal"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:177
+#: src/config/SSSDConfig/__init__.py.in:179
msgid "Enables FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:178
+#: src/config/SSSDConfig/__init__.py.in:180
msgid "Selects the principal to use for FAST"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:179
+#: src/config/SSSDConfig/__init__.py.in:181
msgid "Enables principal canonicalization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:180
+#: src/config/SSSDConfig/__init__.py.in:182
msgid "Enables enterprise principals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:183
-#: src/config/SSSDConfig/__init__.py.in:184
+#: src/config/SSSDConfig/__init__.py.in:185
+#: src/config/SSSDConfig/__init__.py.in:186
msgid "Server where the change password service is running if not on the KDC"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:187
+#: src/config/SSSDConfig/__init__.py.in:189
msgid "ldap_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:188
+#: src/config/SSSDConfig/__init__.py.in:190
msgid "ldap_backup_uri, The URI of the LDAP server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:189
+#: src/config/SSSDConfig/__init__.py.in:191
msgid "The default base DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:190
+#: src/config/SSSDConfig/__init__.py.in:192
msgid "The Schema Type in use on the LDAP server, rfc2307"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:191
+#: src/config/SSSDConfig/__init__.py.in:193
msgid "The default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:192
+#: src/config/SSSDConfig/__init__.py.in:194
msgid "The type of the authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:193
+#: src/config/SSSDConfig/__init__.py.in:195
msgid "The authentication token of the default bind DN"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:194
+#: src/config/SSSDConfig/__init__.py.in:196
msgid "Length of time to attempt connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:195
+#: src/config/SSSDConfig/__init__.py.in:197
msgid "Length of time to attempt synchronous LDAP operations"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:196
+#: src/config/SSSDConfig/__init__.py.in:198
msgid "Length of time between attempts to reconnect while offline"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:197
+#: src/config/SSSDConfig/__init__.py.in:199
msgid "Use only the upper case for realm names"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:198
+#: src/config/SSSDConfig/__init__.py.in:200
msgid "File that contains CA certificates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:199
+#: src/config/SSSDConfig/__init__.py.in:201
msgid "Path to CA certificate directory"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:200
+#: src/config/SSSDConfig/__init__.py.in:202
msgid "File that contains the client certificate"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:201
+#: src/config/SSSDConfig/__init__.py.in:203
msgid "File that contains the client key"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:202
+#: src/config/SSSDConfig/__init__.py.in:204
msgid "List of possible ciphers suites"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:203
+#: src/config/SSSDConfig/__init__.py.in:205
msgid "Require TLS certificate verification"
msgstr "需要 TLS 憑證驗證"
-#: src/config/SSSDConfig/__init__.py.in:204
+#: src/config/SSSDConfig/__init__.py.in:206
msgid "Specify the sasl mechanism to use"
msgstr "指定要使用的 sasl 機制"
-#: src/config/SSSDConfig/__init__.py.in:205
+#: src/config/SSSDConfig/__init__.py.in:207
msgid "Specify the sasl authorization id to use"
msgstr "指定要使用的 sasl 認證 id"
-#: src/config/SSSDConfig/__init__.py.in:206
+#: src/config/SSSDConfig/__init__.py.in:208
msgid "Specify the sasl authorization realm to use"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:207
+#: src/config/SSSDConfig/__init__.py.in:209
msgid "Specify the minimal SSF for LDAP sasl authorization"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:208
+#: src/config/SSSDConfig/__init__.py.in:210
msgid "Kerberos service keytab"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:209
+#: src/config/SSSDConfig/__init__.py.in:211
msgid "Use Kerberos auth for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:210
+#: src/config/SSSDConfig/__init__.py.in:212
msgid "Follow LDAP referrals"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:211
+#: src/config/SSSDConfig/__init__.py.in:213
msgid "Lifetime of TGT for LDAP connection"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:212
+#: src/config/SSSDConfig/__init__.py.in:214
msgid "How to dereference aliases"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:213
+#: src/config/SSSDConfig/__init__.py.in:215
msgid "Service name for DNS service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:214
+#: src/config/SSSDConfig/__init__.py.in:216
msgid "The number of records to retrieve in a single LDAP query"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:215
+#: src/config/SSSDConfig/__init__.py.in:217
msgid "The number of members that must be missing to trigger a full deref"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:216
+#: src/config/SSSDConfig/__init__.py.in:218
msgid ""
"Whether the LDAP library should perform a reverse lookup to canonicalize the "
"host name during a SASL bind"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:218
+#: src/config/SSSDConfig/__init__.py.in:220
msgid "entryUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:219
+#: src/config/SSSDConfig/__init__.py.in:221
msgid "lastUSN attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:221
+#: src/config/SSSDConfig/__init__.py.in:223
msgid "How long to retain a connection to the LDAP server before disconnecting"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:223
+#: src/config/SSSDConfig/__init__.py.in:225
msgid "Disable the LDAP paging control"
msgstr ""
#: src/config/SSSDConfig/__init__.py.in:226
+msgid "Disable Active Directory range retrieval"
+msgstr ""
+
+#: src/config/SSSDConfig/__init__.py.in:229
msgid "Length of time to wait for a search request"
msgstr "搜尋請求的等候時間長度"
-#: src/config/SSSDConfig/__init__.py.in:227
+#: src/config/SSSDConfig/__init__.py.in:230
msgid "Length of time to wait for a enumeration request"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:228
+#: src/config/SSSDConfig/__init__.py.in:231
msgid "Length of time between enumeration updates"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:229
+#: src/config/SSSDConfig/__init__.py.in:232
msgid "Length of time between cache cleanups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:230
+#: src/config/SSSDConfig/__init__.py.in:233
msgid "Require TLS for ID lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:231
+#: src/config/SSSDConfig/__init__.py.in:234
msgid "Use ID-mapping of objectSID instead of pre-set IDs"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:232
+#: src/config/SSSDConfig/__init__.py.in:235
msgid "Base DN for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:233
+#: src/config/SSSDConfig/__init__.py.in:236
msgid "Scope of user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:234
+#: src/config/SSSDConfig/__init__.py.in:237
msgid "Filter for user lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:235
+#: src/config/SSSDConfig/__init__.py.in:238
msgid "Objectclass for users"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:236
+#: src/config/SSSDConfig/__init__.py.in:239
msgid "Username attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:238
+#: src/config/SSSDConfig/__init__.py.in:241
msgid "UID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:239
+#: src/config/SSSDConfig/__init__.py.in:242
msgid "Primary GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:240
+#: src/config/SSSDConfig/__init__.py.in:243
msgid "GECOS attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:241
+#: src/config/SSSDConfig/__init__.py.in:244
msgid "Home directory attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:242
+#: src/config/SSSDConfig/__init__.py.in:245
msgid "Shell attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:243
+#: src/config/SSSDConfig/__init__.py.in:246
msgid "UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:244
-#: src/config/SSSDConfig/__init__.py.in:280
+#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:283
msgid "objectSID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:245
+#: src/config/SSSDConfig/__init__.py.in:248
msgid "Active Directory primary group attribute for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:246
+#: src/config/SSSDConfig/__init__.py.in:249
msgid "User principal attribute (for Kerberos)"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:247
+#: src/config/SSSDConfig/__init__.py.in:250
msgid "Full Name"
msgstr "全名"
-#: src/config/SSSDConfig/__init__.py.in:248
+#: src/config/SSSDConfig/__init__.py.in:251
msgid "memberOf attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:249
+#: src/config/SSSDConfig/__init__.py.in:252
msgid "Modification time attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:251
+#: src/config/SSSDConfig/__init__.py.in:254
msgid "shadowLastChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:252
+#: src/config/SSSDConfig/__init__.py.in:255
msgid "shadowMin attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:253
+#: src/config/SSSDConfig/__init__.py.in:256
msgid "shadowMax attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:254
+#: src/config/SSSDConfig/__init__.py.in:257
msgid "shadowWarning attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:255
+#: src/config/SSSDConfig/__init__.py.in:258
msgid "shadowInactive attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:256
+#: src/config/SSSDConfig/__init__.py.in:259
msgid "shadowExpire attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:257
+#: src/config/SSSDConfig/__init__.py.in:260
msgid "shadowFlag attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:258
+#: src/config/SSSDConfig/__init__.py.in:261
msgid "Attribute listing authorized PAM services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:259
+#: src/config/SSSDConfig/__init__.py.in:262
msgid "Attribute listing authorized server hosts"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:260
+#: src/config/SSSDConfig/__init__.py.in:263
msgid "krbLastPwdChange attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:261
+#: src/config/SSSDConfig/__init__.py.in:264
msgid "krbPasswordExpiration attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:262
+#: src/config/SSSDConfig/__init__.py.in:265
msgid "Attribute indicating that server side password policies are active"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:263
+#: src/config/SSSDConfig/__init__.py.in:266
msgid "accountExpires attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:264
+#: src/config/SSSDConfig/__init__.py.in:267
msgid "userAccountControl attribute of AD"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:265
+#: src/config/SSSDConfig/__init__.py.in:268
msgid "nsAccountLock attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:266
+#: src/config/SSSDConfig/__init__.py.in:269
msgid "loginDisabled attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:267
+#: src/config/SSSDConfig/__init__.py.in:270
msgid "loginExpirationTime attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:268
+#: src/config/SSSDConfig/__init__.py.in:271
msgid "loginAllowedTimeMap attribute of NDS"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:269
+#: src/config/SSSDConfig/__init__.py.in:272
msgid "SSH public key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:271
+#: src/config/SSSDConfig/__init__.py.in:274
msgid "Base DN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:274
+#: src/config/SSSDConfig/__init__.py.in:277
msgid "Objectclass for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:275
+#: src/config/SSSDConfig/__init__.py.in:278
msgid "Group name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:276
+#: src/config/SSSDConfig/__init__.py.in:279
msgid "Group password"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:277
+#: src/config/SSSDConfig/__init__.py.in:280
msgid "GID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:278
+#: src/config/SSSDConfig/__init__.py.in:281
msgid "Group member attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:279
+#: src/config/SSSDConfig/__init__.py.in:282
msgid "Group UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:281
+#: src/config/SSSDConfig/__init__.py.in:284
msgid "Modification time attribute for groups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:283
+#: src/config/SSSDConfig/__init__.py.in:286
msgid "Maximum nesting level SSSd will follow"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:285
+#: src/config/SSSDConfig/__init__.py.in:288
msgid "Base DN for netgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:286
+#: src/config/SSSDConfig/__init__.py.in:289
msgid "Objectclass for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:287
+#: src/config/SSSDConfig/__init__.py.in:290
msgid "Netgroup name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:288
+#: src/config/SSSDConfig/__init__.py.in:291
msgid "Netgroups members attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:289
+#: src/config/SSSDConfig/__init__.py.in:292
msgid "Netgroup triple attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:290
+#: src/config/SSSDConfig/__init__.py.in:293
msgid "Netgroup UUID attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:291
+#: src/config/SSSDConfig/__init__.py.in:294
msgid "Modification time attribute for netgroups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:293
+#: src/config/SSSDConfig/__init__.py.in:296
msgid "Base DN for service lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:294
+#: src/config/SSSDConfig/__init__.py.in:297
msgid "Objectclass for services"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:295
+#: src/config/SSSDConfig/__init__.py.in:298
msgid "Service name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:296
+#: src/config/SSSDConfig/__init__.py.in:299
msgid "Service port attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:297
+#: src/config/SSSDConfig/__init__.py.in:300
msgid "Service protocol attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:300
+#: src/config/SSSDConfig/__init__.py.in:303
msgid "Lower bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:301
+#: src/config/SSSDConfig/__init__.py.in:304
msgid "Upper bound for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:302
+#: src/config/SSSDConfig/__init__.py.in:305
msgid "Number of IDs for each slice when ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:303
+#: src/config/SSSDConfig/__init__.py.in:306
msgid "Use autorid-compatible algorithm for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:304
+#: src/config/SSSDConfig/__init__.py.in:307
msgid "Name of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:305
+#: src/config/SSSDConfig/__init__.py.in:308
msgid "SID of the default domain for ID-mapping"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:307
+#: src/config/SSSDConfig/__init__.py.in:310
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for group lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:308
+#: src/config/SSSDConfig/__init__.py.in:311
msgid "Use LDAP_MATCHING_RULE_IN_CHAIN for initgroup lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:311
+#: src/config/SSSDConfig/__init__.py.in:314
msgid "Policy to evaluate the password expiration"
msgstr "評估密碼過期時效的策略"
-#: src/config/SSSDConfig/__init__.py.in:314
+#: src/config/SSSDConfig/__init__.py.in:317
msgid "LDAP filter to determine access privileges"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:315
+#: src/config/SSSDConfig/__init__.py.in:318
msgid "Which attributes shall be used to evaluate if an account is expired"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:316
+#: src/config/SSSDConfig/__init__.py.in:319
msgid "Which rules should be used to evaluate access control"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:319
+#: src/config/SSSDConfig/__init__.py.in:322
msgid "URI of an LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:320
+#: src/config/SSSDConfig/__init__.py.in:323
msgid "URI of a backup LDAP server where password changes are allowed"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:321
+#: src/config/SSSDConfig/__init__.py.in:324
msgid "DNS service name for LDAP password change server"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:322
+#: src/config/SSSDConfig/__init__.py.in:325
msgid ""
"Whether to update the ldap_user_shadow_last_change attribute after a "
"password change"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:325
+#: src/config/SSSDConfig/__init__.py.in:328
msgid "Base DN for sudo rules lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:326
+#: src/config/SSSDConfig/__init__.py.in:329
msgid "Automatic full refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:327
+#: src/config/SSSDConfig/__init__.py.in:330
msgid "Automatic smart refresh period"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:328
+#: src/config/SSSDConfig/__init__.py.in:331
msgid "Whether to filter rules by hostname, IP addresses and network"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:329
+#: src/config/SSSDConfig/__init__.py.in:332
msgid ""
"Hostnames and/or fully qualified domain names of this machine to filter sudo "
"rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:330
+#: src/config/SSSDConfig/__init__.py.in:333
msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:331
+#: src/config/SSSDConfig/__init__.py.in:334
msgid "Whether to include rules that contains netgroup in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:332
+#: src/config/SSSDConfig/__init__.py.in:335
msgid ""
"Whether to include rules that contains regular expression in host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:333
+#: src/config/SSSDConfig/__init__.py.in:336
msgid "Object class for sudo rules"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:334
+#: src/config/SSSDConfig/__init__.py.in:337
msgid "Sudo rule name"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:335
+#: src/config/SSSDConfig/__init__.py.in:338
msgid "Sudo rule command attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:336
+#: src/config/SSSDConfig/__init__.py.in:339
msgid "Sudo rule host attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:337
+#: src/config/SSSDConfig/__init__.py.in:340
msgid "Sudo rule user attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:338
+#: src/config/SSSDConfig/__init__.py.in:341
msgid "Sudo rule option attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:339
+#: src/config/SSSDConfig/__init__.py.in:342
msgid "Sudo rule runasuser attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:340
+#: src/config/SSSDConfig/__init__.py.in:343
msgid "Sudo rule runasgroup attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:341
+#: src/config/SSSDConfig/__init__.py.in:344
msgid "Sudo rule notbefore attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:342
+#: src/config/SSSDConfig/__init__.py.in:345
msgid "Sudo rule notafter attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:343
+#: src/config/SSSDConfig/__init__.py.in:346
msgid "Sudo rule order attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:346
+#: src/config/SSSDConfig/__init__.py.in:349
msgid "Object class for automounter maps"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:347
+#: src/config/SSSDConfig/__init__.py.in:350
msgid "Automounter map name attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:348
+#: src/config/SSSDConfig/__init__.py.in:351
msgid "Object class for automounter map entries"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:349
+#: src/config/SSSDConfig/__init__.py.in:352
msgid "Automounter map entry key attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:350
+#: src/config/SSSDConfig/__init__.py.in:353
msgid "Automounter map entry value attribute"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:351
+#: src/config/SSSDConfig/__init__.py.in:354
msgid "Base DN for automounter map lookups"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:354
+#: src/config/SSSDConfig/__init__.py.in:357
msgid "Comma separated list of allowed users"
msgstr "許可的使用者清單,請使用半形逗號作為分隔"
-#: src/config/SSSDConfig/__init__.py.in:355
+#: src/config/SSSDConfig/__init__.py.in:358
msgid "Comma separated list of prohibited users"
msgstr "被禁止的使用者清單,請使用半形逗號作為分隔"
-#: src/config/SSSDConfig/__init__.py.in:358
+#: src/config/SSSDConfig/__init__.py.in:361
msgid "Default shell, /bin/bash"
msgstr "預設 shell,/bin/bash"
-#: src/config/SSSDConfig/__init__.py.in:359
+#: src/config/SSSDConfig/__init__.py.in:362
msgid "Base for home directories"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:362
+#: src/config/SSSDConfig/__init__.py.in:365
msgid "The name of the NSS library to use"
msgstr "要使用的 NSS 函式庫名稱"
-#: src/config/SSSDConfig/__init__.py.in:363
+#: src/config/SSSDConfig/__init__.py.in:366
msgid "Whether to look up canonical group name from cache if possible"
msgstr ""
-#: src/config/SSSDConfig/__init__.py.in:366
+#: src/config/SSSDConfig/__init__.py.in:369
msgid "PAM stack to use"
msgstr "要使用的 PAM 堆疊"
-#: src/monitor/monitor.c:2644
+#: src/monitor/monitor.c:2645
msgid "Become a daemon (default)"
msgstr "作為幕後程式 (預設)"
-#: src/monitor/monitor.c:2646
+#: src/monitor/monitor.c:2647
msgid "Run interactive (not a daemon)"
msgstr "以互動方式執行 (非幕後程式)"
-#: src/monitor/monitor.c:2648 src/tools/sss_debuglevel.c:71
+#: src/monitor/monitor.c:2649 src/tools/sss_debuglevel.c:71
msgid "Specify a non-default config file"
msgstr "指定非預設的配置檔"
-#: src/monitor/monitor.c:2650
+#: src/monitor/monitor.c:2651
msgid "Print version number and exit"
msgstr ""
#: src/providers/krb5/krb5_child.c:2063 src/providers/ldap/ldap_child.c:435
-#: src/util/util.h:91
+#: src/util/util.h:93
msgid "Debug level"
msgstr "除錯層級"
#: src/providers/krb5/krb5_child.c:2065 src/providers/ldap/ldap_child.c:437
-#: src/util/util.h:95
+#: src/util/util.h:97
msgid "Add debug timestamps"
msgstr "加入除錯時間戳記"
#: src/providers/krb5/krb5_child.c:2067 src/providers/ldap/ldap_child.c:439
-#: src/util/util.h:97
+#: src/util/util.h:99
msgid "Show timestamps with microseconds"
msgstr ""
@@ -1091,7 +1103,7 @@ msgstr ""
msgid "An open file descriptor for the debug logs"
msgstr ""
-#: src/providers/data_provider_be.c:2709
+#: src/providers/data_provider_be.c:2855
msgid "Domain of the information provider (mandatory)"
msgstr ""
@@ -1185,8 +1197,8 @@ msgstr "密碼已過期。請立刻變更您的密碼。"
#: src/sss_client/ssh/sss_ssh_knownhostsproxy.c:192 src/tools/sss_useradd.c:48
#: src/tools/sss_groupadd.c:41 src/tools/sss_groupdel.c:44
#: src/tools/sss_groupmod.c:42 src/tools/sss_groupshow.c:652
-#: src/tools/sss_userdel.c:132 src/tools/sss_usermod.c:47
-#: src/tools/sss_cache.c:524 src/tools/sss_debuglevel.c:69
+#: src/tools/sss_userdel.c:134 src/tools/sss_usermod.c:47
+#: src/tools/sss_cache.c:519 src/tools/sss_debuglevel.c:69
msgid "The debug level to run with"
msgstr ""
@@ -1195,24 +1207,23 @@ msgstr ""
msgid "The SSSD domain to use"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:58 src/tools/sss_useradd.c:73
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:57 src/tools/sss_useradd.c:73
#: src/tools/sss_groupadd.c:58 src/tools/sss_groupdel.c:53
#: src/tools/sss_groupmod.c:65 src/tools/sss_groupshow.c:663
-#: src/tools/sss_userdel.c:149 src/tools/sss_usermod.c:74
-#: src/tools/sss_cache.c:555
+#: src/tools/sss_userdel.c:151 src/tools/sss_usermod.c:74
+#: src/tools/sss_cache.c:550
msgid "Error setting the locale\n"
msgstr "設定區域設置時發生錯誤\n"
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:65
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:91
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:64
msgid "Not enough memory\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:84
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:83
msgid "User not specified\n"
msgstr ""
-#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:105
+#: src/sss_client/ssh/sss_ssh_authorizedkeys.c:92
msgid "Error looking up public keys\n"
msgstr ""
@@ -1279,21 +1290,21 @@ msgstr "指定要加入的使用者\n"
#: src/tools/sss_useradd.c:119 src/tools/sss_groupadd.c:84
#: src/tools/sss_groupdel.c:78 src/tools/sss_groupmod.c:111
-#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:194
+#: src/tools/sss_groupshow.c:696 src/tools/sss_userdel.c:196
#: src/tools/sss_usermod.c:128
msgid "Error initializing the tools - no local domain\n"
msgstr "初始化工具時發生錯誤 - 沒有本機網域\n"
#: src/tools/sss_useradd.c:121 src/tools/sss_groupadd.c:86
#: src/tools/sss_groupdel.c:80 src/tools/sss_groupmod.c:113
-#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:196
+#: src/tools/sss_groupshow.c:698 src/tools/sss_userdel.c:198
#: src/tools/sss_usermod.c:130
msgid "Error initializing the tools\n"
msgstr "初始化工具時發生錯誤\n"
#: src/tools/sss_useradd.c:130 src/tools/sss_groupadd.c:95
#: src/tools/sss_groupdel.c:89 src/tools/sss_groupmod.c:121
-#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:205
+#: src/tools/sss_groupshow.c:707 src/tools/sss_userdel.c:207
#: src/tools/sss_usermod.c:139
msgid "Invalid domain specified in FQDN\n"
msgstr "在 FQDN 內指定了無效的網域\n"
@@ -1314,7 +1325,7 @@ msgstr "群組必須位於與使用者相同的網域內\n"
msgid "Cannot find group %1$s in local domain\n"
msgstr ""
-#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:215
+#: src/tools/sss_useradd.c:170 src/tools/sss_userdel.c:217
msgid "Cannot set default values\n"
msgstr "無法設定預設值\n"
@@ -1391,7 +1402,7 @@ msgstr ""
#: src/tools/sss_groupdel.c:117 src/tools/sss_groupmod.c:219
#: src/tools/sss_groupmod.c:226 src/tools/sss_groupmod.c:233
-#: src/tools/sss_userdel.c:292 src/tools/sss_usermod.c:241
+#: src/tools/sss_userdel.c:294 src/tools/sss_usermod.c:241
#: src/tools/sss_usermod.c:248 src/tools/sss_usermod.c:255
#, c-format
msgid "NSS request failed (%1$d). Entry might remain in memory cache.\n"
@@ -1504,68 +1515,68 @@ msgstr "本機網域內沒有這樣的群組。只許可在本機網域內列出
msgid "Internal error. Could not print group.\n"
msgstr "內部錯誤。無法列出群組。\n"
-#: src/tools/sss_userdel.c:134
+#: src/tools/sss_userdel.c:136
msgid "Remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:136
+#: src/tools/sss_userdel.c:138
msgid "Do not remove home directory and mail spool"
msgstr ""
-#: src/tools/sss_userdel.c:138
+#: src/tools/sss_userdel.c:140
msgid "Force removal of files not owned by the user"
msgstr "強制檔案的移除並非由使用者所擁有"
-#: src/tools/sss_userdel.c:140
+#: src/tools/sss_userdel.c:142
msgid "Kill users' processes before removing him"
msgstr ""
-#: src/tools/sss_userdel.c:185
+#: src/tools/sss_userdel.c:187
msgid "Specify user to delete\n"
msgstr "指定要刪除的使用者\n"
-#: src/tools/sss_userdel.c:231
+#: src/tools/sss_userdel.c:233
#, c-format
msgid "User %1$s is outside the defined ID range for domain\n"
msgstr ""
-#: src/tools/sss_userdel.c:256
+#: src/tools/sss_userdel.c:258
msgid "Cannot reset SELinux login context\n"
msgstr ""
-#: src/tools/sss_userdel.c:268
+#: src/tools/sss_userdel.c:270
#, c-format
msgid "WARNING: The user (uid %1$lu) was still logged in when deleted.\n"
msgstr ""
-#: src/tools/sss_userdel.c:273
+#: src/tools/sss_userdel.c:275
msgid "Cannot determine if the user was logged in on this platform"
msgstr ""
-#: src/tools/sss_userdel.c:278
+#: src/tools/sss_userdel.c:280
msgid "Error while checking if the user was logged in\n"
msgstr ""
-#: src/tools/sss_userdel.c:285
+#: src/tools/sss_userdel.c:287
#, c-format
msgid "The post-delete command failed: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:305
+#: src/tools/sss_userdel.c:307
msgid "Not removing home dir - not owned by user\n"
msgstr "不會移除家目錄 - 並非由使用者所擁有\n"
-#: src/tools/sss_userdel.c:307
+#: src/tools/sss_userdel.c:309
#, c-format
msgid "Cannot remove homedir: %1$s\n"
msgstr ""
-#: src/tools/sss_userdel.c:320
+#: src/tools/sss_userdel.c:322
msgid ""
"No such user in local domain. Removing users only allowed in local domain.\n"
msgstr "在本機網域內沒有這樣的使用者。只許可在本機網域內移除使用者。\n"
-#: src/tools/sss_userdel.c:325
+#: src/tools/sss_userdel.c:327
msgid "Internal error. Could not remove user.\n"
msgstr "內部錯誤。無法移除使用者。\n"
@@ -1615,72 +1626,72 @@ msgstr "處理事項發生錯誤。無法修改使用者。\n"
msgid "No cache object matched the specified search\n"
msgstr ""
-#: src/tools/sss_cache.c:396
+#: src/tools/sss_cache.c:391
#, c-format
msgid "Couldn't invalidate %1$s"
msgstr ""
-#: src/tools/sss_cache.c:403
+#: src/tools/sss_cache.c:398
#, c-format
msgid "Couldn't invalidate %1$s %2$s"
msgstr ""
-#: src/tools/sss_cache.c:526
+#: src/tools/sss_cache.c:521
msgid "Invalidate particular user"
msgstr ""
-#: src/tools/sss_cache.c:528
+#: src/tools/sss_cache.c:523
msgid "Invalidate all users"
msgstr ""
-#: src/tools/sss_cache.c:530
+#: src/tools/sss_cache.c:525
msgid "Invalidate particular group"
msgstr ""
-#: src/tools/sss_cache.c:532
+#: src/tools/sss_cache.c:527
msgid "Invalidate all groups"
msgstr ""
-#: src/tools/sss_cache.c:534
+#: src/tools/sss_cache.c:529
msgid "Invalidate particular netgroup"
msgstr ""
-#: src/tools/sss_cache.c:536
+#: src/tools/sss_cache.c:531
msgid "Invalidate all netgroups"
msgstr ""
-#: src/tools/sss_cache.c:538
+#: src/tools/sss_cache.c:533
msgid "Invalidate particular service"
msgstr ""
-#: src/tools/sss_cache.c:540
+#: src/tools/sss_cache.c:535
msgid "Invalidate all services"
msgstr ""
-#: src/tools/sss_cache.c:543
+#: src/tools/sss_cache.c:538
msgid "Invalidate particular autofs map"
msgstr ""
-#: src/tools/sss_cache.c:545
+#: src/tools/sss_cache.c:540
msgid "Invalidate all autofs maps"
msgstr ""
-#: src/tools/sss_cache.c:548
+#: src/tools/sss_cache.c:543
msgid "Only invalidate entries from a particular domain"
msgstr ""
-#: src/tools/sss_cache.c:590
+#: src/tools/sss_cache.c:585
msgid "Please select at least one object to invalidate\n"
msgstr ""
-#: src/tools/sss_cache.c:660
+#: src/tools/sss_cache.c:655
#, c-format
msgid ""
"Could not open domain %1$s. If the domain is a subdomain (trusted domain), "
"use fully qualified name instead of --domain/-d parameter.\n"
msgstr ""
-#: src/tools/sss_cache.c:664
+#: src/tools/sss_cache.c:659
msgid "Could not open available domains\n"
msgstr ""
@@ -1710,6 +1721,6 @@ msgstr "記憶體耗盡\n"
msgid "%1$s must be run as root\n"
msgstr ""
-#: src/util/util.h:93
+#: src/util/util.h:95
msgid "Send the debug output to files instead of stderr"
msgstr "傳送除錯輸出到檔案而不是標準輸出"
diff --git a/src/man/po/br.po b/src/man/po/br.po
index 5d82c898d..1901b78d2 100644
--- a/src/man/po/br.po
+++ b/src/man/po/br.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Breton (http://www.transifex.com/projects/p/fedora/language/"
"br/)\n"
@@ -206,7 +206,7 @@ msgid "The [sssd] section"
msgstr "Ar rann [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr "Arventennoù ar rann"
@@ -243,19 +243,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "Dre ziouer : 3"
@@ -275,7 +275,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr "re_expression (neudennad)"
@@ -295,32 +295,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (neudennad)"
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -329,7 +368,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -337,52 +376,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -392,15 +431,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -418,12 +457,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr "RANNOÙ SERVIJOÙ"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -432,81 +471,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr "Dre ziouer : true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -516,17 +556,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -534,18 +574,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -555,40 +595,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "Dre ziouer : 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -596,7 +636,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -606,7 +646,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -615,17 +655,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -633,17 +673,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "Dre ziouer : 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (neudennad)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -652,41 +692,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr "Dre zoiuer : root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -694,112 +734,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -807,96 +847,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -904,59 +944,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr "Dre zoiuer : 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -964,7 +1004,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -973,17 +1013,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -991,63 +1031,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr "Dre ziouer : 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1055,51 +1095,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1111,35 +1151,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1147,12 +1187,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1161,24 +1201,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr "RANNOÙ DOMANI"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1187,40 +1227,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1232,14 +1272,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1248,129 +1288,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1379,17 +1441,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1398,33 +1460,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1432,8 +1494,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1442,8 +1504,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1451,19 +1513,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1472,17 +1534,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1490,19 +1552,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1510,7 +1572,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1518,30 +1580,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1549,19 +1611,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1570,24 +1632,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1595,7 +1657,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1603,35 +1665,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1639,23 +1701,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1663,7 +1725,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1671,31 +1733,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1703,23 +1765,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1727,7 +1789,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1735,24 +1797,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1760,19 +1822,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1781,29 +1846,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1811,7 +1876,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1819,74 +1884,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1894,56 +1951,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1952,22 +2009,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -1977,18 +2034,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+#, fuzzy
+#| msgid "re_expression (string)"
+msgid "realmd_tags (string)"
+msgstr "re_expression (neudennad)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1996,29 +2066,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2026,19 +2096,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2046,73 +2116,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2120,17 +2190,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2139,17 +2209,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2157,17 +2227,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2175,18 +2245,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2216,7 +2286,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2557,7 +2627,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2617,7 +2687,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2634,7 +2704,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2644,14 +2714,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr ""
@@ -2988,9 +3058,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -3005,7 +3075,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3031,16 +3101,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3048,101 +3126,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3150,17 +3236,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3168,14 +3254,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3183,7 +3269,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3192,18 +3278,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3211,172 +3297,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3384,7 +3470,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3392,18 +3478,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3411,12 +3497,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3427,12 +3513,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3440,12 +3526,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3454,34 +3540,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3489,14 +3575,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3504,12 +3590,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3517,17 +3623,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3535,13 +3641,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3550,7 +3656,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3558,26 +3664,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3585,7 +3691,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3593,7 +3699,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3601,41 +3707,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3644,32 +3750,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3677,24 +3783,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3702,29 +3808,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3733,17 +3839,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3751,49 +3857,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3801,27 +3907,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3833,7 +3939,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3841,7 +3947,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3849,53 +3955,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3903,7 +4032,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3911,29 +4040,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3942,56 +4071,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4002,12 +4131,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4016,14 +4145,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4032,24 +4161,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4057,19 +4186,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4078,7 +4207,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4086,7 +4215,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4094,109 +4223,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4207,7 +4344,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4225,213 +4362,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4439,106 +4576,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4547,76 +4684,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4625,46 +4762,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4672,43 +4809,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4716,7 +4853,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4724,7 +4861,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4737,20 +4874,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5185,7 +5322,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5193,18 +5330,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5212,12 +5352,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5225,7 +5365,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5233,24 +5373,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5258,22 +5398,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5285,100 +5425,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: 0"
-msgid "Default: 0 (disabled)"
-msgstr "Dre ziouer : 0"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5386,86 +5519,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5473,12 +5606,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5486,17 +5619,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5504,12 +5637,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5518,325 +5651,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5844,7 +5977,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5856,7 +5989,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5864,7 +5997,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5960,13 +6093,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -5976,12 +6116,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -5989,54 +6129,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 3"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Dre ziouer : 3"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6044,7 +6193,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6059,7 +6208,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6068,7 +6217,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7048,10 +7197,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
-#, fuzzy
-#| msgid "re_expression (string)"
msgid "krb5_renew_interval (string)"
-msgstr "re_expression (neudennad)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:357
@@ -7135,7 +7282,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7150,7 +7297,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7159,7 +7306,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/ca.po b/src/man/po/ca.po
index 8db384019..882ef9b66 100644
--- a/src/man/po/ca.po
+++ b/src/man/po/ca.po
@@ -9,8 +9,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Catalan <fedora@llistes.softcatala.org>\n"
"Language: ca\n"
@@ -229,7 +229,7 @@ msgid "The [sssd] section"
msgstr "La secció [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr "Paràmetres de la secció"
@@ -270,12 +270,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -284,7 +284,7 @@ msgstr ""
"caiguda del Proveïdor de Dades o reiniciar abans de donar-se per vençuts"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "Per defecte: 3"
@@ -295,12 +295,6 @@ msgstr "dominis"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:114
-#, fuzzy
-#| msgid ""
-#| "A domain is a database containing user information. SSSD can use more "
-#| "domains at the same time, but at least one must be configured or SSSD "
-#| "won't start. This parameter described the list of domains in the order "
-#| "you want them to be queried."
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
@@ -308,13 +302,9 @@ msgid ""
"them to be queried. A domain name should only consist of alphanumeric ASCII "
"characters, dashes and underscores."
msgstr ""
-"Un domini és una base de dades que conté informació d'usuari. L'SSSD pot "
-"utilitzar més d'un domini al mateix temps, però almenys un s'ha de "
-"configurar o l'SSSD no s'iniciarà. Aquest paràmetre descriu l'ordre que vol "
-"que es va preguntar la llista de dominis."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr "re_expression (cadena)"
@@ -334,32 +324,85 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (cadena)"
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+#, fuzzy
+#| msgid ""
+#| "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+#| "<manvolnum>8</manvolnum> </citerefentry> to specify the default "
+#| "permissions on a newly created home directory."
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+"Utilitzat per <citerefentry><refentrytitle>sss_useradd</refentrytitle> "
+"<manvolnum>8</manvolnum></citerefentry> per especificar els permisos per "
+"defecte en un directori personal acabat de crear."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+#, fuzzy
+#| msgid ""
+#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id="
+#| "\"0\"/>"
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+"Opcions vàlides per a servidors intermediaris de domini. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr "try_inotify (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -372,7 +415,7 @@ msgstr ""
"segons si inotify no es pot utilitzar."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -383,7 +426,7 @@ msgstr ""
"aquesta opció a 'false'"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
@@ -392,7 +435,7 @@ msgstr ""
"plataformes."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
@@ -401,12 +444,12 @@ msgstr ""
"En aquestes plataformes, sempre s'utilitzarà el sondeig."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
@@ -415,26 +458,26 @@ msgstr ""
"de Kerberos"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -444,15 +487,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -476,12 +519,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr "SECCIONS DE SERVEIS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -494,81 +537,82 @@ msgstr ""
"quote>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr "Opcions de configuració del servei general"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr "Aquestes opcions es poden utilitzar per a configurar qualsevol servei."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr "debug_level (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr "Afegir una marca de temps als missatges de depuració"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr "Per defecte: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr "Per defecte: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr "timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "Per defecte: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -578,17 +622,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -596,18 +640,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr "Per defecte: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -617,12 +661,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr "Opcions de configuració d'NSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -630,12 +674,12 @@ msgstr ""
"servei de nom (NSS)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -644,17 +688,17 @@ msgstr ""
"(peticions d'informació sobre tots els usuaris)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "Per defecte: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -665,7 +709,7 @@ msgstr ""
"valor entry_cache_timeout per al domini."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -681,7 +725,7 @@ msgstr ""
"peticions que esperen per a una actualització de la memòria cau."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -694,17 +738,17 @@ msgstr ""
"(0 desactiva aquesta característica)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -716,17 +760,17 @@ msgstr ""
"altra vegada."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "Per defecte: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -735,17 +779,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr "Per defecte: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -753,25 +797,25 @@ msgstr ""
"aquesta opció a false."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -779,112 +823,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -892,48 +936,48 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Per defecte: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr "Opcions de configuració de PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -942,12 +986,12 @@ msgstr ""
"Authentication Module (PAM)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -957,17 +1001,17 @@ msgstr ""
"de sessió)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr "Per defecte: 0 (sense límit)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -976,12 +1020,12 @@ msgstr ""
"fallits es permet."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -991,7 +1035,7 @@ msgstr ""
"possible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -999,17 +1043,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr "Per defecte: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1018,43 +1062,43 @@ msgstr ""
"autenticació. Com més gran sigui el nombre més missatges es mostren."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr "L'Sssd suporta actualment els següents valors:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: no mostris cap missatge"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: Mostra només missatges importants"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: Mostra missatges informatius"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "Per defecte: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1066,7 +1110,7 @@ msgstr ""
"l'última informació."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1080,17 +1124,17 @@ msgstr ""
"proveïdor d'identitat."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1098,63 +1142,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr "Per defecte: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1162,51 +1206,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1218,35 +1262,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1254,12 +1298,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1268,17 +1312,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr "SECCIONS DE DOMINI"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr "min_id, max_id (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1287,7 +1331,7 @@ msgstr ""
"fora d'aquests límits, s'ignora."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1300,17 +1344,17 @@ msgstr ""
"com s'esperava."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr "enumerate (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1319,23 +1363,23 @@ msgstr ""
"valors següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = Els usuaris i grups s'enumeren"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = Cap enumeració per a aquest domini"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr "Per defecte: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1347,7 +1391,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1357,7 +1401,7 @@ msgstr ""
"finalitzi."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1371,19 +1415,19 @@ msgstr ""
"ús."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1392,112 +1436,136 @@ msgstr ""
"demanar al rerefons una altra vegada"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr "Per defecte: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+#, fuzzy
+#| msgid "offline_failed_login_delay (integer)"
+msgid "refresh_expired_interval (integer)"
+msgstr "offline_failed_login_delay (Enter)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Determina si les credencials d'usuari també són emmagatzemades en la memòria "
"cau local de LDB"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (Enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1510,17 +1578,17 @@ msgstr ""
"ha de ser superior o igual a offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr "Per defecte: 0 (sense límit)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1529,33 +1597,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr "id_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1563,8 +1631,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1573,8 +1641,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1582,19 +1650,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1607,17 +1675,17 @@ msgstr ""
"trobaria l'usuari mentre que <command>getent passwd test@LOCAL</command> si."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1625,12 +1693,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr "auth_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1639,7 +1707,7 @@ msgstr ""
"d'autenticació suportats són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1650,7 +1718,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configuració d'LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1661,7 +1729,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
@@ -1669,12 +1737,12 @@ msgstr ""
"de PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> impossibilita l'autenticació explícitament."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1683,12 +1751,12 @@ msgstr ""
"gestionar les sol·licituds d'autenticació."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr "access_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1699,19 +1767,19 @@ msgstr ""
"instal·lats) Els proveïdors especials interns són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> sempre denega l'accés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1724,17 +1792,17 @@ msgstr ""
"configuració del mòdul d'accés simple."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr "Per defecte: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr "chpass_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1743,7 +1811,7 @@ msgstr ""
"al domini. Els proveïdors de canvi de contrasenya compatibles són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1755,7 +1823,7 @@ msgstr ""
"configuració d'LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1766,7 +1834,7 @@ msgstr ""
"manvolnum></citerefentry> per a més informació sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -1774,12 +1842,12 @@ msgstr ""
"objectiu de PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1788,17 +1856,17 @@ msgstr ""
"gestionar peticions de canvi de contrasenya."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1806,23 +1874,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1830,7 +1898,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1838,31 +1906,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1870,23 +1938,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1894,7 +1962,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1902,24 +1970,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1927,19 +1995,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1948,29 +2019,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1981,7 +2052,7 @@ msgstr ""
"quote> , el domini tot el que ve després\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1989,7 +2060,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -1998,25 +2069,17 @@ msgstr ""
"sintaxi Python (?P &lt;name&gt;) a l'etiqueta subpatterns."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Per defecte: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2025,42 +2088,42 @@ msgstr ""
"realitzar cerques de DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr "Valors admesos:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr "Per defecte: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2071,12 +2134,12 @@ msgstr ""
"aquest temps d'espera, el domini seguirà operant en el mode fora de línia."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2085,44 +2148,44 @@ msgstr ""
"del domini de la consulta DNS del servei de descobriment."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr "Per defecte: Utilitza la part del domini del nom de màquina"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2131,22 +2194,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -2156,18 +2219,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+#, fuzzy
+#| msgid "krb5_realm (string)"
+msgid "realmd_tags (string)"
+msgstr "krb5_realm (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2178,17 +2254,17 @@ msgstr ""
"replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr "El servidor intermediari on re-envia PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2197,12 +2273,12 @@ msgstr ""
"de pam existent o crear-ne una de nova i afegir aquí el nom del servei."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2213,7 +2289,7 @@ msgstr ""
"$(libName)_$(function), per exemple _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2222,12 +2298,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr "La secció de domini local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2238,29 +2314,29 @@ msgstr ""
"<replaceable>id_provider = local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr "default_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"L'intèrpret d'ordres per defecte per als usuaris creats amb eines SSSD "
"d'espai d'usuari."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Per defecte: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr "base_directory (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2269,46 +2345,46 @@ msgstr ""
"replaceable> i utilitzen això com el directori d'usuari."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr "Per defecte: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr "create_homedir (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr "Per defecte: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr "remove_homedir (booleà)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr "homedir_umask (enter)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2319,17 +2395,17 @@ msgstr ""
"defecte en un directori personal acabat de crear."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr "Per defecte: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr "skel_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2342,17 +2418,17 @@ msgstr ""
"manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Per defecte: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr "mail_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2363,17 +2439,17 @@ msgstr ""
"s'especifica, s'utilitzarà un valor per defecte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr "Per defecte: <filename>/var/correu</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2384,18 +2460,18 @@ msgstr ""
"té en compte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr "Per defecte: Cap, no s'executa cap comanda"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "EXEMPLE"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2450,7 +2526,7 @@ msgstr ""
"\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2816,7 +2892,7 @@ msgstr ""
"L'atribut LDAP que correspon a l'identificador del grup primari de l'usuari."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr "Per defecte: gidNumber"
@@ -2878,7 +2954,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr "L'atribut LDAP que conté el UUID/GUID d'un objecte d'usuari d'LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr "Per defecte: nsUniqueId"
@@ -2895,7 +2971,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2905,7 +2981,7 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
@@ -2914,7 +2990,7 @@ msgstr ""
"pare."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr "Per defecte: modifyTimestamp"
@@ -3290,9 +3366,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr "L'atribut LDAP que correspon al nom complet de l'usuari."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr "Per defecte: cn"
@@ -3307,7 +3383,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr "L'atribut LDAP que llista la pertanença a grups de l'usuari."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr "Per defecte: memberOf"
@@ -3338,16 +3414,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr "Per defecte: authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3355,101 +3439,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr "ldap_group_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr "La classe d'objecte d'una entrada de grup a LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr "Per defecte: posixGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr "ldap_group_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr "L'atribut LDAP que es correspon amb el nom del grup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr "ldap_group_gid_number (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr "L'atribut LDAP que correspon a l'identificador del grup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr "ldap_group_member (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr "L'atribut LDAP que conté els noms dels membres del grup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr "Per defecte: memberuid (rfc2307) / member (rfc2307bis)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr "ldap_group_uuid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr "L'atribut LDAP que conté el UUID/GUID d'objecte de grup LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr "ldap_group_modify_timestamp (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr "ldap_group_nesting_level (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3460,17 +3552,17 @@ msgstr ""
"seguirà l'SSSD. Aquesta opció no té cap efecte sobre l'esquema RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr "Per defecte: 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3478,14 +3570,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3493,7 +3585,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3502,18 +3594,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3521,173 +3613,173 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr "ldap_netgroup_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr "La classe d'objecte d'una entrada de netgroup a LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr "Per defecte: nisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr "ldap_netgroup_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr "L'atribut LDAP que es correspon amb el nom del netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr "ldap_netgroup_member (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr "L'atribut LDAP que conté els noms dels membres del netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr "Per defecte: memberNisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr "ldap_netgroup_triple (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
"L'atribut LDAP que conté les tripletes netgroup (maquina, usuari, domini)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr "Per defecte: nisNetgroupTriple"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr "ldap_netgroup_uuid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr "L'atribut LDAP que conté el UUID/GUID d'un objecte de netgroup d'LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3695,7 +3787,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3703,18 +3795,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Per defecte: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3722,12 +3814,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3744,12 +3836,12 @@ msgstr ""
"manvolnum></citerefentry> retorna en cas de cap activitat."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3760,12 +3852,12 @@ msgstr ""
"temps d'espera en comunicar amb el KDC en cas d'un vincle SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3774,34 +3866,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3809,14 +3901,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3824,12 +3916,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+#, fuzzy
+#| msgid "ldap_referrals (boolean)"
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr "ldap_referrals (booleà)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3837,17 +3951,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3855,13 +3969,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3870,7 +3984,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3878,12 +3992,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
@@ -3893,7 +4007,7 @@ msgstr ""
"valors següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -3902,7 +4016,7 @@ msgstr ""
"certificat del servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3914,7 +4028,7 @@ msgstr ""
"normalment."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3925,7 +4039,7 @@ msgstr ""
"proporciona un certificat dolent, immediatament s'acaba la sessió."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3936,22 +4050,22 @@ msgstr ""
"immediatament s'acaba la sessió."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr "Per defecte: hard"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
@@ -3960,7 +4074,7 @@ msgstr ""
"Certificació que reconeixerà l'<command>sssd</command>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
@@ -3969,12 +4083,12 @@ msgstr ""
"<filename>/etc/openldap/ldap.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3988,32 +4102,32 @@ msgstr ""
"correctes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -4021,12 +4135,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
@@ -4035,12 +4149,12 @@ msgstr ""
"class=\"protocol\">tls</systemitem> per a protegir el canal."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -4048,17 +4162,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
@@ -4067,12 +4181,12 @@ msgstr ""
"i suportat."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -4081,17 +4195,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -4099,51 +4213,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "Especifica el fitxer keytab a utilitzar quan s'utilitza SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5."
"keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4154,27 +4268,27 @@ msgstr ""
"seleccionat és GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (enter)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "Especifica el temps de vida en segons de la TGT si s'utilitza GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr "Per defecte: 86400 (24 hores)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4186,7 +4300,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4197,7 +4311,7 @@ msgstr ""
"retorna a _tcp si no se'n troba cap."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4209,41 +4323,74 @@ msgstr ""
"<quote>krb5_server</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "Especifica l'àmbit KERBEROS (per a autenticació SASL/GSSAPI)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/"
"krb5.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+#, fuzzy
+#| msgid "krb5_validate (boolean)"
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr "krb5_validate (booleà)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+#, fuzzy
+#| msgid ""
+#| "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
+#| "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry> for more information on configuring Kerberos."
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+"<quote>krb5</quote> per a l'autenticació Kerberos. Vegeu "
+"<citerefentry><refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> per a més informació sobre configurar Kerberos."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4252,7 +4399,7 @@ msgstr ""
"costat del client. S'admeten els valors següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4261,7 +4408,7 @@ msgstr ""
"opció no inhabilita les polítiques de contrasenya de servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -4269,7 +4416,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -4281,23 +4428,23 @@ msgstr ""
"contrasenya."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr "Per defecte: none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
"Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -4306,7 +4453,7 @@ msgstr ""
"quan és compilat amb la versió d'OpenLDAP 2.4.13 o superior."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4315,29 +4462,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Especifica el nom de servei per utilitzar quan està habilitada la detecció "
"de serveis."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr "Per defecte: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4346,30 +4493,30 @@ msgstr ""
"permet canvis de contrasenya quan està habilitada la detecció de serveis."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
"Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4380,12 +4527,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr "Exemple:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4397,7 +4544,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -4406,7 +4553,7 @@ msgstr ""
"membres del grup d'ldap \"allowedusers\"."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4419,17 +4566,17 @@ msgstr ""
"concedint accés en estar fora de línia i viceversa."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr "Per defecte: Buit"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4438,7 +4585,7 @@ msgstr ""
"d'atributs de control d'accés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4450,12 +4597,12 @@ msgstr ""
"contrasenya és correcta."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr "S'admeten els valors següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -4464,7 +4611,7 @@ msgstr ""
"determinar si el compte ha caducat."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4473,7 +4620,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4481,7 +4628,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4489,30 +4636,38 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"Llista separada per comes d'opcions de control d'accés. Els valors permesos "
"són:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -4521,17 +4676,17 @@ msgstr ""
"authorizedService per determinar l'accés"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr "Per defecte: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -4540,12 +4695,12 @@ msgstr ""
"s'utilitza més d'una vegada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr "ldap_deref (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -4554,13 +4709,13 @@ msgstr ""
"cerca. S'admeten les opcions següents:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: les referències dels àlies mai són eliminades."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -4570,7 +4725,7 @@ msgstr ""
"de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -4579,7 +4734,7 @@ msgstr ""
"només en localitzar l'objecte base de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -4588,7 +4743,7 @@ msgstr ""
"en la recerca i en la localització de l'objecte base de la cerca."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -4597,19 +4752,19 @@ msgstr ""
"llibreries client d'LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4620,7 +4775,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4644,213 +4799,213 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4858,106 +5013,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4966,76 +5121,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5044,46 +5199,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr "OPCIONS AVANÇADES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5091,43 +5246,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5138,7 +5293,7 @@ msgstr ""
"sabeu el que estau fent. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5149,7 +5304,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5162,20 +5317,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5696,30 +5851,29 @@ msgstr ""
"complet utilitzat en el domini d'IPA per identificar aquest amfitrió."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
-msgstr "ipa_dyndns_update (booleà)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
-"Opcional. Aquesta opció li diu a SSSD per actualitzar automàticament el "
-"servidor DNS integrat dins FreeIPA v2 amb l'adreça d'IP d'aquest client."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5727,14 +5881,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
-#, fuzzy
-#| msgid "timeout (integer)"
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
-msgstr "timeout (Enter)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5742,7 +5894,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5750,33 +5902,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
-#, fuzzy
-#| msgid "ipa_dyndns_iface (string)"
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
-msgstr "ipa_dyndns_iface (cadena)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
-#, fuzzy
-#| msgid ""
-#| "Optional. Applicable only when ipa_dyndns_update is true. Choose the "
-#| "interface whose IP address should be used for dynamic DNS updates."
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
-"Opcional. Aplicable només quan ipa_dyndns_update és cert. Permet triar la "
-"interfície de l'adreça d'IP que s'ha d'utilitzar per a les actualitzacions "
-"de DNS dinàmiques."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5784,24 +5927,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "Per defecte: Utilitzar l'adreça IP de la connexió LDAP d'IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
-msgstr "ipa_dyndns_update (booleà)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5813,108 +5954,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
-#, fuzzy
-#| msgid "ldap_enumeration_refresh_timeout (integer)"
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
-msgstr "ldap_enumeration_refresh_timeout (enter)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: 0 (unlimited)"
-msgid "Default: 0 (disabled)"
-msgstr "Per defecte: 0 (sense límit)"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
-msgstr "ipa_dyndns_update (booleà)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: false"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "Per defecte: false"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
-msgstr "ipa_dyndns_update (booleà)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5922,58 +6048,58 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (booleà)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
@@ -5982,7 +6108,7 @@ msgstr ""
"suplantada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -5991,21 +6117,21 @@ msgstr ""
"proveïdor Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -6013,12 +6139,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6026,17 +6152,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -6044,12 +6170,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -6058,325 +6184,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -6384,7 +6510,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -6396,7 +6522,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6408,7 +6534,7 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -6508,13 +6634,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -6524,12 +6657,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -6537,62 +6670,65 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
-msgstr "ipa_dyndns_update (booleà)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
-#, fuzzy
-#| msgid ""
-#| "Optional. This option tells SSSD to automatically update the DNS server "
-#| "built into FreeIPA v2 with the IP address of this client."
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
-"Opcional. Aquesta opció li diu a SSSD per actualitzar automàticament el "
-"servidor DNS integrat dins FreeIPA v2 amb l'adreça d'IP d'aquest client."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 86400 (24 hours)"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Per defecte: 86400 (24 hores)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+#, fuzzy
+#| msgid "Default: Use the IP address of the IPA LDAP connection"
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr "Per defecte: Utilitzar l'adreça IP de la connexió LDAP d'IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6600,7 +6736,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6615,7 +6751,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6624,7 +6760,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7683,10 +7819,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
-#, fuzzy
-#| msgid "krb5_realm (string)"
msgid "krb5_renew_interval (string)"
-msgstr "krb5_realm (cadena)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:357
@@ -7770,7 +7904,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7785,7 +7919,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7794,7 +7928,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -9187,3 +9321,10 @@ msgstr ""
#: include/override_homedir.xml:50
msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
+
+#~ msgid ""
+#~ "Optional. This option tells SSSD to automatically update the DNS server "
+#~ "built into FreeIPA v2 with the IP address of this client."
+#~ msgstr ""
+#~ "Opcional. Aquesta opció li diu a SSSD per actualitzar automàticament el "
+#~ "servidor DNS integrat dins FreeIPA v2 amb l'adreça d'IP d'aquest client."
diff --git a/src/man/po/cs.po b/src/man/po/cs.po
index c816d44f4..5addc6824 100644
--- a/src/man/po/cs.po
+++ b/src/man/po/cs.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
"PO-Revision-Date: 2012-05-22 13:44+0000\n"
"Last-Translator: sgallagh <sgallagh@redhat.com>\n"
"Language-Team: Czech (http://www.transifex.com/projects/p/fedora/language/"
@@ -201,7 +201,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr ""
@@ -238,19 +238,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr ""
@@ -270,7 +270,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr ""
@@ -290,32 +290,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -324,7 +363,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -332,52 +371,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -387,15 +426,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -413,12 +452,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -427,81 +466,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -511,17 +551,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -529,18 +569,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -550,40 +590,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -591,7 +631,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -601,7 +641,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -610,17 +650,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -628,17 +668,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -647,41 +687,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -689,112 +729,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -802,96 +842,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -899,59 +939,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -959,7 +999,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -968,17 +1008,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -986,63 +1026,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1050,51 +1090,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1106,35 +1146,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1142,12 +1182,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1156,24 +1196,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1182,40 +1222,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1227,14 +1267,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1243,129 +1283,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1374,17 +1436,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1393,33 +1455,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1427,8 +1489,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1437,8 +1499,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1446,19 +1508,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1467,17 +1529,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1485,19 +1547,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1505,7 +1567,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1513,30 +1575,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1544,19 +1606,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1565,24 +1627,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1590,7 +1652,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1598,35 +1660,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1634,23 +1696,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1658,7 +1720,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1666,31 +1728,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1698,23 +1760,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1722,7 +1784,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1730,24 +1792,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1755,19 +1817,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1776,29 +1841,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1806,7 +1871,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1814,74 +1879,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1889,56 +1946,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1947,22 +2004,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -1972,18 +2029,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+msgid "realmd_tags (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1991,29 +2059,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2021,19 +2089,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2041,73 +2109,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2115,17 +2183,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2134,17 +2202,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2152,17 +2220,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2170,18 +2238,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2211,7 +2279,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2552,7 +2620,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2612,7 +2680,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2629,7 +2697,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2639,14 +2707,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr ""
@@ -2983,9 +3051,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -3000,7 +3068,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3026,16 +3094,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3043,101 +3119,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3145,17 +3229,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3163,14 +3247,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3178,7 +3262,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3187,18 +3271,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3206,172 +3290,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3379,7 +3463,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3387,18 +3471,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3406,12 +3490,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3422,12 +3506,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3435,12 +3519,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3449,34 +3533,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3484,14 +3568,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3499,12 +3583,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3512,17 +3616,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3530,13 +3634,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3545,7 +3649,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3553,26 +3657,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3580,7 +3684,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3588,7 +3692,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3596,41 +3700,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3639,32 +3743,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3672,24 +3776,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3697,29 +3801,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3728,17 +3832,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3746,49 +3850,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3796,27 +3900,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3828,7 +3932,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3836,7 +3940,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3844,53 +3948,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3898,7 +4025,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3906,29 +4033,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3937,56 +4064,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -3997,12 +4124,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4011,14 +4138,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4027,24 +4154,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4052,19 +4179,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4073,7 +4200,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4081,7 +4208,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4089,109 +4216,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4202,7 +4337,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4220,213 +4355,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4434,106 +4569,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4542,76 +4677,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4620,46 +4755,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4667,43 +4802,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4711,7 +4846,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4719,7 +4854,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4732,20 +4867,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5182,7 +5317,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5190,18 +5325,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5209,12 +5347,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5222,7 +5360,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5230,24 +5368,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5255,22 +5393,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5282,98 +5420,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-msgid "Default: 0 (disabled)"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5381,86 +5514,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5468,12 +5601,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5481,17 +5614,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5499,12 +5632,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5513,325 +5646,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5839,7 +5972,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5851,7 +5984,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5859,7 +5992,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5955,13 +6088,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -5971,12 +6111,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -5984,52 +6124,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6037,7 +6188,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6052,7 +6203,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6061,7 +6212,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7126,7 +7277,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7141,7 +7292,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7150,7 +7301,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/es.po b/src/man/po/es.po
index c3a253241..27ccafd2f 100644
--- a/src/man/po/es.po
+++ b/src/man/po/es.po
@@ -14,9 +14,9 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-26 07:00+0000\n"
-"Last-Translator: vareli <ehespinosa@ya.com>\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
+"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Spanish <trans-es@lists.fedoraproject.org>\n"
"Language: es\n"
"MIME-Version: 1.0\n"
@@ -239,7 +239,7 @@ msgid "The [sssd] section"
msgstr "La sección [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr "Parámetros de sección"
@@ -284,12 +284,12 @@ msgstr ""
"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -298,7 +298,7 @@ msgstr ""
"de datos del proveedor, o de reiniciarse antes de abandonar"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "Predeterminado: 3"
@@ -309,12 +309,6 @@ msgstr "dominios"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:114
-#, fuzzy
-#| msgid ""
-#| "A domain is a database containing user information. SSSD can use more "
-#| "domains at the same time, but at least one must be configured or SSSD "
-#| "won't start. This parameter described the list of domains in the order "
-#| "you want them to be queried."
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
@@ -322,14 +316,9 @@ msgid ""
"them to be queried. A domain name should only consist of alphanumeric ASCII "
"characters, dashes and underscores."
msgstr ""
-"Un dominio es una base datos que contiene información del usuario. SSSD "
-"puede utilizar varios dominios al mismo tiempo, pero al menos uno debe ser "
-"configurado. De lo contrario SSSD no podrá iniciarse. Este parámetro "
-"describe una lista de los dominios, en el orden en que se prefiera que sean "
-"consultados."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr "re_expression (cadena)"
@@ -354,24 +343,76 @@ msgstr ""
"DOMAIN SECTIONS para más información sobre estas expresiones regulares."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (cadena)"
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+#, fuzzy
+#| msgid ""
+#| "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+#| "manvolnum> </citerefentry>-compatible format that describes how to "
+#| "translate a (name, domain) tuple for this domain into a fully qualified "
+#| "name."
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+"Un formato compatible con <citerefentry> <refentrytitle>printf</"
+"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> que describe como "
+"traducir un tupla (nombre, dominio) en un nombre totalmente cualificado."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+#, fuzzy
+#| msgid "username"
+msgid "user name"
+msgstr "nombre de usuario"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
msgstr ""
-"El formato compatible con <citerefentry> <refentrytitle>printf</"
-"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> por defecto que "
-"describe como traducir una tupla (nombre, dominio) a un nombre totalmente "
-"calificado."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+#, fuzzy
+#| msgid ""
+#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id="
+#| "\"0\"/>"
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+"Opciones válidas para dominios proxy. <placeholder type=\"variablelist\" id="
+"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
@@ -380,12 +421,12 @@ msgstr ""
"SECCIONES DOMINIO para más información sobre esta opción."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr "try_inotify (boolean)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -398,7 +439,7 @@ msgstr ""
"segundos en caso que inotify no pueda ser utilizado."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -409,7 +450,7 @@ msgstr ""
"'false' "
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
@@ -418,7 +459,7 @@ msgstr ""
"en el resto de las plataformas."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
@@ -428,12 +469,12 @@ msgstr ""
"utilizada siempre."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr "krb5_rcache_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
@@ -442,7 +483,7 @@ msgstr ""
"reproducción de cache de Kerberos."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
@@ -452,7 +493,7 @@ msgstr ""
"de respuesta."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
@@ -461,12 +502,12 @@ msgstr ""
"tiempo. (si no se configura __LIBKRB5_DEFAULTS__)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr "default_domain_suffix (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -482,7 +523,7 @@ msgstr ""
"usuario sin dar también un nombre de dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
@@ -492,8 +533,8 @@ msgstr ""
"user@domain.name, para acceder."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -517,12 +558,12 @@ msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr "SECCIONES DE SERVICIOS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -535,64 +576,65 @@ msgstr ""
"<quote>[nss]</quote>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr "Opciones de configuración de servicios generales"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr "Estas opciones pueden usarse para configurar cualquier servicio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr "debug_level (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr "Agregar una marca de tiempo a los mensajes de depuración"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr "Predeterminado: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr "Agregar microsegundos a la marca de tiempo en mensajes de depuración"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr "Predeterminado: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr "timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
@@ -601,17 +643,17 @@ msgstr ""
"para asegurar que el proceso está vivo y capaz de responder peticiones."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "Predeterminado: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr "fd_limit"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -626,17 +668,17 @@ msgstr ""
"valor más bajo de este o de limite “hard” en limits.conf."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr "Por defecto: 8192 (o limite “hard” en limits.conf)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -648,18 +690,18 @@ msgstr ""
"sistema."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr "Predeterminado: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr "force_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -674,12 +716,12 @@ msgstr ""
"una señal SIGKILL."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr "Opciones de configuración de NSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -687,12 +729,12 @@ msgstr ""
"Switch (NSS)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -701,17 +743,17 @@ msgstr ""
"sobre todos los usuarios)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "Predeterminado: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -722,7 +764,7 @@ msgstr ""
"valor de entry_cache_timeout para el dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -738,7 +780,7 @@ msgstr ""
"actualización del cache."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -751,17 +793,17 @@ msgstr ""
"segundos. (0 deshabilita esta función)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr "Predeterminado: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -772,17 +814,17 @@ msgstr ""
"entradas no existentes) antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "Predeterminado: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -795,17 +837,17 @@ msgstr ""
"filtrar sólo usuario de un dominio concreto."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr "Predeterminado: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -813,12 +855,12 @@ msgstr ""
"opción a false."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -827,7 +869,7 @@ msgstr ""
"especificado una explícitamente por el proveedor de datos del dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -835,7 +877,7 @@ msgstr ""
"override_homedir."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -845,23 +887,23 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Por defecto: no fijado (sin sustitución para los directorios home no fijados)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr "override_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
@@ -870,17 +912,17 @@ msgstr ""
"especificada globalmente en la sección [nss] o por dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "Por defecto: no fijado (SSSD usará el valor recuperado desde LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr "allowed_shells (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -888,12 +930,12 @@ msgstr ""
"evaluación es:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr "1. Si el shell está presente en <quote>/etc/shells</quote>, se usa."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -902,7 +944,7 @@ msgstr ""
"shells</quote>, usa el valor del parámetro shell_fallback."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -911,12 +953,12 @@ msgstr ""
"shells</quote>, se usará un shell de no acceso."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr "Una cadena vacía para el shell se pasa como-es a libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -926,27 +968,27 @@ msgstr ""
"una nueva shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr "Por defecto: No fijado. La shell del usuario se usa automáticamente."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "Reemplaza cualquier instancia de estos shells con shell_fallback"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr "shell_fallback (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -954,17 +996,17 @@ msgstr ""
"máquina."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr "Predeterminado: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -975,7 +1017,7 @@ msgstr ""
"efecto y puede fijada en la sección [nss] o por dominio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -985,12 +1027,12 @@ msgstr ""
"normalmente /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -999,12 +1041,12 @@ msgstr ""
"considerada válida."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1013,17 +1055,17 @@ msgstr ""
"escondrijo en memoria serán válidos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Predeterminado: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr "Opciones de configuración PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1032,12 +1074,12 @@ msgstr ""
"Authentication Module (PAM)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1046,17 +1088,17 @@ msgstr ""
"los accesos escondidos (en días desde el último login en línea con éxito)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr "Predeterminado: 0 (Sin límite)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1065,12 +1107,12 @@ msgstr ""
"login fallados están permitidos."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1080,7 +1122,7 @@ msgstr ""
"intento de login sea posible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1091,17 +1133,17 @@ msgstr ""
"éxito puede habilitar otra vez la autenticación fuera de línea."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr "Predeterminado: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1110,44 +1152,44 @@ msgstr ""
"autenticación. Cuanto mayor sea el número de mensajes más aparecen."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr "Actualmente sssd soporta los siguientes valores:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: mostrar todos los mensajes e información de "
"depuración"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "Predeterminado: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1159,7 +1201,7 @@ msgstr ""
"información más actual."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1173,17 +1215,17 @@ msgstr ""
"proveedor de identidad."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr "Mostrar una advertencia N días antes que la contraseña caduque."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1194,7 +1236,7 @@ msgstr ""
"información desaparece, sssd no podrá mostrar un aviso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1204,7 +1246,7 @@ msgstr ""
"automáticamente."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1213,27 +1255,27 @@ msgstr ""
"<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr "Predeterminado: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr "SUDO opciones de configuración"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr "Estas opciones pueden ser usadas para configurar el servicio sudo."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr "sudo_timed (booleano)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1242,22 +1284,22 @@ msgstr ""
"entradas de sudoers dependientes del tiempo."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr "Opciones de configuración AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1268,22 +1310,22 @@ msgstr ""
"existentes) antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr "Opciones de configuración SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr "Estas opciones se pueden usar para configurar el servicio SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (booleano)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
@@ -1292,12 +1334,12 @@ msgstr ""
"known_host. "
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
@@ -1306,17 +1348,17 @@ msgstr ""
"después de que se hayan pedido sus claves de host."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr "Por defecto: 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr "Opciones de configuración del respondedor PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1335,13 +1377,21 @@ msgstr ""
"siguientes operaciones:"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
+#, fuzzy
+#| msgid ""
+#| "If the remote user does not exist in the cache, it is created. The uid is "
+#| "calculated based on the SID, trusted domains will have UPGs and the gid "
+#| "will have the same value as the uid. The home directory is set based on "
+#| "the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+#| "the system defaults are used, but can be overwritten with the "
+#| "default_shell parameter."
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
"Si el usuario remoto no existe en el escondrijo, se crea. La uid se calcula "
@@ -1352,26 +1402,30 @@ msgstr ""
"default_shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
+#, fuzzy
+#| msgid ""
+#| "If there are SIDs of groups from the domain the sssd client belongs to, "
+#| "the user will be added to those groups."
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
"Si hay SIDs de grupos desde el dominio al que el cliente pertenece, el "
"usuario será añadido a esos grupos."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr "allowed_uids (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1381,14 +1435,14 @@ msgstr ""
"usuario que tiene el acceso permitido al respondedor PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Por defecto: 0 (sólo el usuario root tiene permitido el acceso al "
"respondedor PAC)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1401,17 +1455,17 @@ msgstr ""
"lista de UIDs permitidas también."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr "SECCIONES DE DOMINIO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr "min_id, max_id (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1420,7 +1474,7 @@ msgstr ""
"está fuera de estos límites, ésta es ignorada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1433,17 +1487,17 @@ msgstr ""
"reportados como en espera."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr "enumerar (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1452,23 +1506,23 @@ msgstr ""
"de los siguientes valores:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = Usuarios y grupos son enumerados"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = Sin enumeraciones para este dominio"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr "Predeterminado: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1488,7 +1542,7 @@ msgstr ""
"las afiliaciones deben ser recalculadas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1498,7 +1552,7 @@ msgstr ""
"completen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1512,7 +1566,7 @@ msgstr ""
"específico id_provider en uso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
@@ -1521,12 +1575,12 @@ msgstr ""
"especialmente en entornos grandes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1535,17 +1589,17 @@ msgstr ""
"volver a consultar al backend"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr "Predeterminado: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1554,18 +1608,18 @@ msgstr ""
"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr "Por defecto: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1574,12 +1628,12 @@ msgstr ""
"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1588,12 +1642,12 @@ msgstr ""
"válidas antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1602,12 +1656,12 @@ msgstr ""
"antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1616,12 +1670,12 @@ msgstr ""
"preguntar al backend otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -1630,31 +1684,61 @@ msgstr ""
"automontaje válidos antes de preguntar al punto final otra vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+#, fuzzy
+#| msgid "ldap_sudo_full_refresh_interval (integer)"
+msgid "refresh_expired_interval (integer)"
+msgstr "ldap_sudo_full_refresh_interval (entero)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+#, fuzzy
+#| msgid ""
+#| "Specifies how many seconds SSSD has to wait before refreshing its cache "
+#| "of enumerated records."
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+"Especifica cuantos segundos SSSD tiene que esperar antes de refrescar su "
+"escondrijo de los registros enumerados."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Determina si las credenciales del usuario están también escondidas en el "
"cache LDB local"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Las credenciales de usuario son almacenadas en un hash SHA512, no en texto "
"plano"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1667,17 +1751,17 @@ msgstr ""
"grande o igual que offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr "Predeterminado: 0 (ilimitado)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1690,17 +1774,17 @@ msgstr ""
"configurar un proveedor de autorización para el backend."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr "id_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -1708,17 +1792,17 @@ msgstr ""
"soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "<quote>proxy</quote>: Soporta un proveedor NSS legado"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "<quote>local</quote>: Proveedor interno SSSD para usuarios locales"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1729,8 +1813,8 @@ msgstr ""
"información sobre la configuración de LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1743,8 +1827,8 @@ msgstr ""
"configuración de FreeIPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1756,12 +1840,12 @@ msgstr ""
"Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -1771,7 +1855,7 @@ msgstr ""
"NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1785,17 +1869,17 @@ msgstr ""
"command> lo haría."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr "No devuelve miembros de grupo para búsquedas de grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1806,12 +1890,12 @@ msgstr ""
"llamadas de búsqueda de grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr "auth_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1820,7 +1904,7 @@ msgstr ""
"autenticación soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1831,7 +1915,7 @@ msgstr ""
"citerefentry> para más información sobre la configuración LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1842,7 +1926,7 @@ msgstr ""
"citerefentry> para más información sobre la configuración de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
@@ -1850,12 +1934,12 @@ msgstr ""
"objetivo PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> deshabilita la autenticación explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1864,12 +1948,12 @@ msgstr ""
"manejar las peticiones de autenticación."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr "access_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1880,7 +1964,7 @@ msgstr ""
"proveedores especiales internos son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -1889,12 +1973,12 @@ msgstr ""
"sólo permitido para un dominio local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> siempre niega el acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1907,17 +1991,17 @@ msgstr ""
"configuración del módulo de acceso sencillo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr "Predeterminado: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr "chpass_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1926,7 +2010,7 @@ msgstr ""
"el dominio. Los proveedores de cambio de passweord soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1938,7 +2022,7 @@ msgstr ""
"configurar LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1949,7 +2033,7 @@ msgstr ""
"citerefentry> para más información sobre configurar Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -1957,13 +2041,13 @@ msgstr ""
"otros objetivos PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
"<quote>none</quote> deniega explícitamente los cambios en la contraseña."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1972,18 +2056,18 @@ msgstr ""
"puede manejar las peticiones de cambio de password."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr "sudo_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1994,24 +2078,24 @@ msgstr ""
"citerefentry> para más información sobre la configuración LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote>deshabilita SUDO explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr "selinux_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2022,7 +2106,7 @@ msgstr ""
"finalice. Los proveedores selinux soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2034,14 +2118,14 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
"<quote>none</quote> deshabilita ir a buscar los ajustes selinux "
"explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2050,12 +2134,12 @@ msgstr ""
"manejar las peticiones de carga selinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
@@ -2065,7 +2149,7 @@ msgstr ""
"soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2077,18 +2161,18 @@ msgstr ""
"configuración de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
"<quote>none</quote> deshabilita el buscador de subdominios explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr "autofs_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2096,7 +2180,7 @@ msgstr ""
"son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2108,7 +2192,7 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2120,17 +2204,17 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> deshabilita autofs explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr "hostid_provider (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2139,7 +2223,7 @@ msgstr ""
"proveedores de hostid soportados son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2151,21 +2235,22 @@ msgstr ""
"configuración de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> deshabilita hostid explícitamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
-"Expresión regular para este dominio que describe como analizar la cadena que "
-"contiene el nombre de usuario y el dominio en estos componentes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2178,22 +2263,22 @@ msgstr ""
"nombres de usuario:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr "nombre de usuario"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr "dominio/nombre_de_usuario"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2203,7 +2288,7 @@ msgstr ""
"dominios Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2214,7 +2299,7 @@ msgstr ""
"el nombre, el dominio es el resto detrás de este signo\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2226,7 +2311,7 @@ msgstr ""
"subplantillas sin nombre único."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2235,28 +2320,17 @@ msgstr ""
"soportan la sintaxis Python (?P&lt;name&gt;) para identificar subpatrones."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-"Un formato compatible con <citerefentry> <refentrytitle>printf</"
-"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> que describe como "
-"traducir un tupla (nombre, dominio) en un nombre totalmente cualificado."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Predeterminado: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2265,42 +2339,42 @@ msgstr ""
"a usar cuando se lleven a cabo búsquedas DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr "Valores soportados:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr "Predeterminado: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2311,12 +2385,12 @@ msgstr ""
"espera, el dominio continuará operativo en modo fuera de línea."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2325,28 +2399,28 @@ msgstr ""
"de dominio de la pregunta al descubridor de servicio DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Predeterminado: Utilizar la parte del dominio del nombre de host del equipo"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr "override_gid (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr "Anula el valor primario GID con el especificado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
@@ -2355,17 +2429,17 @@ msgstr ""
"momento, esta opción no está soportada en el proveedor local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr "Predeterminado: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2379,26 +2453,22 @@ msgstr ""
"razones de rendimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
-#, fuzzy
-#| msgid ""
-#| "Use this homedir as default value for all subdomains within this domain. "
-#| "See <emphasis>override_homedir</emphasis> for info about possible values."
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -2406,12 +2476,9 @@ msgid ""
"<emphasis>subdomain_homedir</emphasis>. <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""
-"Usa este directorio home como valor por defecto para todos los subdominios "
-"dentro de este dominio. Vea <emphasis>override_homedir</emphasis> para más "
-"información sobre los posibles valores."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2419,12 +2486,25 @@ msgstr ""
"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Por defecto: <filename>/home/%d/%u</filename>"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+#, fuzzy
+#| msgid "krb5_realm (string)"
+msgid "realmd_tags (string)"
+msgstr "krb5_realm (cadena)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2436,17 +2516,17 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr "El proxy de destino PAM próximo a."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2455,12 +2535,12 @@ msgstr ""
"pam existente o crear una nueva y añadir el nombre de servicio aquí."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2471,7 +2551,7 @@ msgstr ""
"$(function), por ejemplo _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2480,12 +2560,12 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr "La sección de dominio local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2496,29 +2576,29 @@ msgstr ""
"utiliza <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr "default_shell (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"El shell predeterminado para los usuarios creados con herramientas de "
"espacio de usuario SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Predeterminado: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr "base_directory (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2528,17 +2608,17 @@ msgstr ""
"de inicio."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr "Predeterminado: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr "create_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2547,17 +2627,17 @@ msgstr ""
"Puede ser anulado desde la línea de comando."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr "Predeterminado: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr "remove_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2566,12 +2646,12 @@ msgstr ""
"borrados. Puede ser anulado desde la línea de comando."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr "homedir_umask (entero)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2582,17 +2662,17 @@ msgstr ""
"predeterminados en un directorio de inicio recién creado."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr "Predeterminado: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr "skel_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2605,17 +2685,17 @@ msgstr ""
"<manvolnum>8</manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Predeterminado: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr "mail_dir (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2626,17 +2706,17 @@ msgstr ""
"Si no se especifica, se utiliza un valor por defecto."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr "Predeterminado: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (cadena)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2647,18 +2727,18 @@ msgstr ""
"único parámetro. El código de retorno del comando no es tenido en cuenta."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr "Predeterminado: None, no se ejecuta comando"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "EJEMPLO"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2712,7 +2792,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3118,7 +3198,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr "El atributo LDAP que corresponde al id del grupo primario del usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr "Predeterminado: gidNumber"
@@ -3182,7 +3262,7 @@ msgstr ""
"El atributo LDAP que contiene el GUID/UUID de un objeto de usuario LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr "Predeterminado: nsUniqueId"
@@ -3201,7 +3281,7 @@ msgstr ""
"es normalmente sólo necesario para servidores ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
"Por defecto: objectSid para ActiveDirectory, no fijado para otros servidores."
@@ -3212,7 +3292,7 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
@@ -3221,7 +3301,7 @@ msgstr ""
"objeto primario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr "Predeterminado: modifyTimestamp"
@@ -3615,9 +3695,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr "El atributo LDAP que corresponde al nombre completo del usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr "Predeterminado: cn"
@@ -3632,7 +3712,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr "El atributo LDAP que lista los afiliación a grupo de usario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr "Predeterminado: memberOf"
@@ -3663,16 +3743,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr "Predeterminado: iluminada"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr "ldap_user_authorized_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3683,7 +3771,7 @@ msgstr ""
"el privilegio de acceso."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
@@ -3692,77 +3780,85 @@ msgstr ""
"SSSD para permiso explícito (host) y finalmente permitir todo (*)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr "Default: host"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr "ldap_group_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr "La clase de objeto de una entrada de grupo LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr "Por defecto: posixGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr "ldap_group_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr "El atributo LDAP que corresponde al nombre de grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr "ldap_group_gid_number (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr "El atributo LDAP que corresponde al id del grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr "ldap_group_member (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr "El atributo LDAP que contiene los nombres de los miembros del grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr "Valor predeterminado: memberuid (rfc2307) / member (rfc2307bis)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr "ldap_group_uuid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr "El atributo LDAP que contiene el UUID/GUID de un objeto de grupo LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr "ldap_group_objectsid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
@@ -3771,17 +3867,17 @@ msgstr ""
"normalmente sólo necesario para servidores ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr "ldap_group_modify_timestamp (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr "ldap_group_nesting_level (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3793,17 +3889,17 @@ msgstr ""
"esquema RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr "Predeterminado: 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr "ldap_groups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3814,7 +3910,7 @@ msgstr ""
"despliegues con grupos complejos o profundamente anidados."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
@@ -3824,7 +3920,7 @@ msgstr ""
"muy complejos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3835,7 +3931,7 @@ msgstr ""
"esencialmente “auto-detect”."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3848,18 +3944,18 @@ msgstr ""
"documentation</ulink> para más detalles."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr "Por defecto: False"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr "ldap_initgroups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3870,68 +3966,68 @@ msgstr ""
"notable cuando se trata con grupos complejos o profundamente anidados)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr "ldap_netgroup_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr "La clase de objeto de una entrada netgroup en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr "En proveedor IPA, ipa_netgroup_object_class, se usaría en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr "Predeterminado: nisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr "ldap_netgroup_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr "El atributo LDAP que corresponde al nombre del netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr "Un proveedor IPA, ipa_netgroup_name sería usado en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr "ldap_netgroup_member (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
"El atributo LDAP que contiene los nombres de los miembros de grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr "Un proveedor IPA, ipa_netgroup_member sería usado en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr "Predeterminado: memberNisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr "ldap_netgroup_triple (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
@@ -3939,59 +4035,59 @@ msgstr ""
"de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr "Esta opción no está disponible en el proveedor IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr "Predeterminado: nisNetgroupTriple"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr "ldap_netgroup_uuid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
"El atributo LDAP que contiene el UUID/GUID de un objeto de grupo de red LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr "Un proveedor IPA ipa_netgroup_uuid sería usado en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr "ldap_service_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr "La clase objeto de una entrada de servicio en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr "Por defecto: ipService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr "ldap_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
@@ -3999,49 +4095,49 @@ msgstr ""
"El atributo LDAP que contiene el nombre de servicio de atributos y sus alias."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr "ldap_service_port (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr "El atributo LDAP que contiene el puerto manejado por este servicio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr "Por defecto: ipServicePort"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr "ldap_service_proto (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
"El atributo LDAP que contiene los protocolos entendidos por este servicio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr "Por defecto: ipServiceProtocol"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr "ldap_service_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -4052,7 +4148,7 @@ msgstr ""
"escondidos devueltos (y se entra en modo fuera de línea)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -4063,18 +4159,18 @@ msgstr ""
"espera para tipos específicos de búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Predeterminado: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr "ldap_enumeration_search_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -4086,12 +4182,12 @@ msgstr ""
"fuera de línea)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -4108,12 +4204,12 @@ msgstr ""
"citerefentry> vuelve en caso de no actividad."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -4125,12 +4221,12 @@ msgstr ""
"enlazador SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr "ldap_connection_expire_timeout (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -4143,17 +4239,17 @@ msgstr ""
"temprano (este valor contra el tiempo de vida TGT)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr "Predeterminado: 900 (15 minutos)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr "ldap_page_size (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
@@ -4162,17 +4258,17 @@ msgstr ""
"Algunos servidores LDAP hacen cumplir un límite máximo por petición."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr "Predeterminado: 1000"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr "ldap_disable_paging (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -4183,7 +4279,7 @@ msgstr ""
"RootDSE pero no está habilitado o no se comporta apropiadamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
@@ -4193,7 +4289,7 @@ msgstr ""
"pero es incapaz de usarlo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -4204,12 +4300,34 @@ msgstr ""
"puede ocasionar que algunas peticiones sean denegadas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+#, fuzzy
+#| msgid "ldap_disable_paging (boolean)"
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr "ldap_disable_paging (booleano)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr "ldap_sasl_minssf (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -4220,19 +4338,19 @@ msgstr ""
"de esta opción son definidos por OpenLDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
"Por defecto: Usa el sistema por defecto (normalmente especificado por ldap."
"conf)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr "ldap_deref_threshold (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -4243,7 +4361,7 @@ msgstr ""
"deference. Si hay menos miembros desaparecidos, se buscarán individualmente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
@@ -4251,7 +4369,7 @@ msgstr ""
"a 0."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -4264,7 +4382,7 @@ msgstr ""
"soportados son 389/RHDS, OpenLDAP y Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -4275,12 +4393,12 @@ msgstr ""
"será deshabilitado sin tener en cuenta este ajuste."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
@@ -4290,7 +4408,7 @@ msgstr ""
"los siguientes valores:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -4299,7 +4417,7 @@ msgstr ""
"certificado de servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4310,7 +4428,7 @@ msgstr ""
"certificado malo, será ignorado y la sesión continua normalmente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4321,7 +4439,7 @@ msgstr ""
"certificado malo, la sesión se termina inmediatamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -4332,22 +4450,22 @@ msgstr ""
"termina inmediatamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr "Predeterminado: hard"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
@@ -4356,7 +4474,7 @@ msgstr ""
"de Certificación que <command>sssd</command> reconocerá."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
@@ -4365,12 +4483,12 @@ msgstr ""
"etc/openldap/ldap.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -4384,33 +4502,33 @@ msgstr ""
"para crear los nombres correctos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr "ldap_tls_cert (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
"Especifica el fichero que contiene el certificado para la clave del cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr "ldap_tls_key (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr "Especifica el archivo que contiene la clave del cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr "ldap_tls_cipher_suite (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -4421,12 +4539,12 @@ msgstr ""
"conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
@@ -4435,12 +4553,12 @@ msgstr ""
"<systemitem class=\"protocol\">tls</systemitem> para proteger el canal."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr "ldap_id_mapping (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -4451,18 +4569,18 @@ msgstr ""
"ldap_user_uid_number y ldap_group_gid_number."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
"Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
@@ -4471,12 +4589,12 @@ msgstr ""
"probado y soportado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -4489,17 +4607,17 @@ msgstr ""
"myhost@EXAMPLE.COM) o sólo en nombre principal (por ejemplo host/myhost)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr "Por defecto: host/nombre_de_host@REALM"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr "ldap_sasl_realm (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -4510,17 +4628,17 @@ msgstr ""
"reino también, esta opción se ignora."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr "Por defecto: el valor de krb5_realm."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
@@ -4529,34 +4647,34 @@ msgstr ""
"para para canocalizar el nombre de host durante una unión SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr "Predeterminado: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "Especifica la keytab a usar cuando se utilice SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</"
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4567,27 +4685,27 @@ msgstr ""
"es GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "Especifica el tiempo de vida en segundos del TGT si se usa GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr "Predeterminado: 86400 (24 horas)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr "krb5_server, krb5_backup_server (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4606,7 +4724,7 @@ msgstr ""
"información, vea la sección <quote>SERVICE DISCOVERY</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4617,7 +4735,7 @@ msgstr ""
"regresa a _tcp si no se encuentra nada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4629,29 +4747,29 @@ msgstr ""
"configuración para usar <quote>krb5_server</quote> en su lugar."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "Especifica el REALM Kerberos (para autorización SASL/GSSAPI)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</"
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
@@ -4660,12 +4778,45 @@ msgstr ""
"servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+#, fuzzy
+#| msgid "krb5_canonicalize (boolean)"
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr "krb5_canonicalize (boolean)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+#, fuzzy
+#| msgid ""
+#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry> for more information on configuring LDAP."
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+"<quote>ldap</quote>: Proveedor LDAP. Vea <citerefentry> <refentrytitle>sssd-"
+"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> para más "
+"información sobre la configuración de LDAP."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4674,7 +4825,7 @@ msgstr ""
"del cliente. Los siguientes valores son permitidos:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4683,7 +4834,7 @@ msgstr ""
"no puede deshabilitar las políticas de password en el lado servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -4694,7 +4845,7 @@ msgstr ""
"manvolnum></citerefentry> para evaluar si la contraseña ha expirado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -4706,24 +4857,24 @@ msgstr ""
"password."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr "Predeterminado: none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
"Especifica si el seguimiento de referencias automático debería ser "
"habilitado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -4732,7 +4883,7 @@ msgstr ""
"está compilado con OpenLDAP versión 2.4.13 o más alta."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4745,29 +4896,29 @@ msgstr ""
"esta opción a false le llevará a una notable mejora de rendimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Especifica el nombre del servicio para utilizar cuando está habilitado el "
"servicio de descubrimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr "Predeterminado: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4777,17 +4928,17 @@ msgstr ""
"descubrimiento."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr "ldap_chpass_update_last_change (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
@@ -4796,12 +4947,12 @@ msgstr ""
"desde el Epoch después de una operación de cambio de contraseña."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4819,12 +4970,12 @@ msgstr ""
"defecto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr "Ejemplo:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4836,7 +4987,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -4845,7 +4996,7 @@ msgstr ""
"del grupo “allowedusers” en ldap."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4858,17 +5009,17 @@ msgstr ""
"obteniendo acceso mientras esté fuera de línea y viceversa."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr "Predeterminado: vacío"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4877,7 +5028,7 @@ msgstr ""
"control de acceso del lado cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4888,12 +5039,12 @@ msgstr ""
"una código de error definible aunque el password sea correcto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr "Los siguientes valores están permitidos:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -4902,7 +5053,7 @@ msgstr ""
"determinar si la cuenta ha expirado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4915,7 +5066,7 @@ msgstr ""
"se comprueba el tiempo de expiración de la cuenta."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4926,7 +5077,7 @@ msgstr ""
"el acceso o no."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4938,30 +5089,38 @@ msgstr ""
"ldap_user_nds_login_expiration_time se usan para comprobar si el acceso está "
"permitido. Si ambos atributos están desaparecidos se concede el acceso."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"Lista separada por coma de opciones de control de acceso. Los valores "
"permitidos son:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -4970,18 +5129,18 @@ msgstr ""
"autorizedService para determinar el acceso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: usa el atributo host para determinar el acceso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr "Predeterminado: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -4990,12 +5149,12 @@ msgstr ""
"una vez."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr "ldap_deref (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5004,13 +5163,13 @@ msgstr ""
"lleva a cabo una búsqueda. Están permitidas las siguientes opciones:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5020,7 +5179,7 @@ msgstr ""
"búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5029,7 +5188,7 @@ msgstr ""
"cuando se localice el objeto base de la búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5038,7 +5197,7 @@ msgstr ""
"para la búsqueda como en la localización del objeto base de la búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5047,12 +5206,12 @@ msgstr ""
"librerías cliente LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
@@ -5061,7 +5220,7 @@ msgstr ""
"servidores que usan el esquema RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5079,7 +5238,7 @@ msgstr ""
"llamadas getpw*() o initgroups()."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5105,57 +5264,57 @@ msgstr ""
"completos. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr "OPCIONES SUDO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr "El objeto clase de una regla de entrada sudo en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr "Por defecto: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "El atributo LDAP que corresponde a la regla nombre de sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr "El atributo LDAP que corresponde al nombre de comando."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr "Por defecto: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -5164,17 +5323,17 @@ msgstr ""
"red IP del host o grupo de red del host)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr "Por defecto: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -5183,32 +5342,32 @@ msgstr ""
"grupo o grupo de red del usuario)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr "Por defecto: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "El atributo LDAP que corresponde a las opciones sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr "Por defecto: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -5217,17 +5376,17 @@ msgstr ""
"pueden ejecutar como."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr "Por defectot: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -5236,17 +5395,17 @@ msgstr ""
"ejecutar comandos como."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr "Por defecto: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -5255,17 +5414,17 @@ msgstr ""
"regla sudo es válida."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr "Por defecto: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -5274,32 +5433,32 @@ msgstr ""
"la regla sudo dejará de ser válida."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr "Por defecto: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "El atributo LDAP que corresponde al índice de ordenación de la regla."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr "Por defecto: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -5309,7 +5468,7 @@ msgstr ""
"servidor)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -5318,17 +5477,17 @@ msgstr ""
"emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr "Por defecto: 21600 (6 horas)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5339,7 +5498,7 @@ msgstr ""
"USBN más alto que el USN más alto de las reglas escondidas)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -5348,12 +5507,12 @@ msgstr ""
"atributo modifyTimestamp."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -5362,12 +5521,12 @@ msgstr ""
"máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -5376,7 +5535,7 @@ msgstr ""
"totalmente cualificados que sería usada para filtrar las reglas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -5385,8 +5544,8 @@ msgstr ""
"nombre de dominio totalmente cualificado automáticamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -5395,17 +5554,17 @@ msgstr ""
"emphasis> esta opción no tiene efecto."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr "Por defecto: no especificado"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -5414,7 +5573,7 @@ msgstr ""
"usada para filtrar las reglas."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -5423,12 +5582,12 @@ msgstr ""
"automáticamente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "sudo_include_netgroups (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -5437,12 +5596,12 @@ msgstr ""
"atributo sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (booleano)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
@@ -5451,12 +5610,12 @@ msgstr ""
"atributo sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5469,12 +5628,12 @@ msgstr ""
"manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr "OPCIONES AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -5483,47 +5642,47 @@ msgstr ""
"defecto del RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr "El objeto clase de una entrada de mapa de automontaje en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr "Por defecto: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr "El nombre de una entrada de mapa de automontaje en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr "Por defecto: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -5532,17 +5691,17 @@ msgstr ""
"normalmente a un punto de montaje."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr "Por defecto: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5555,32 +5714,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr "OPCIONES AVANZADAS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
@@ -5589,7 +5748,7 @@ msgstr ""
"restringe las búsquedas del usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
@@ -5598,7 +5757,7 @@ msgstr ""
"utilizada por ldap_user_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5608,7 +5767,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
@@ -5617,12 +5776,12 @@ msgstr ""
"su shell fijado en /bin/tcsh."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
@@ -5631,7 +5790,7 @@ msgstr ""
"restringe las búsquedas de grupo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
@@ -5640,17 +5799,17 @@ msgstr ""
"utilizada por ldap_user_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5662,7 +5821,7 @@ msgstr ""
">"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5673,7 +5832,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5693,20 +5852,20 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTAS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6285,23 +6444,22 @@ msgstr ""
"host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
-msgstr "ipa_dyndns_update (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
-"Opcional. Esta opción le dice a SSSD que actualice automáticamente el "
-"servidor DNS construido en FreeIPA v2 con la dirección IP de este cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
@@ -6311,7 +6469,7 @@ msgstr ""
"fijado apropiadamente en /etc/krb5.conf"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -6319,30 +6477,20 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
-#, fuzzy
-#| msgid "ipa_dyndns_ttl (integer)"
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
-msgstr "ipa_dyndns_ttl (integer)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
-#, fuzzy
-#| msgid ""
-#| "The TTL to apply to the client DNS record when updating it. If "
-#| "ipa_dyndns_update is false this has no effect. This will override the TTL "
-#| "serverside if set by an administrator."
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
"serverside if set by an administrator."
msgstr ""
-"El TTL a aplicar a la grabación del cliente DNS cuando la actualiza. Si "
-"ipa_dyndns_update es falso esto no tiene efecto. Esto anulará el TTL del "
-"lado del servidor si está fijado por un administrador."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -6350,32 +6498,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr "Por defecto: 1200 (segundos)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
-#, fuzzy
-#| msgid "ipa_dyndns_iface (string)"
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
-msgstr "ipa_dyndns_iface (cadena)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
-#, fuzzy
-#| msgid ""
-#| "Optional. Applicable only when ipa_dyndns_update is true. Choose the "
-#| "interface whose IP address should be used for dynamic DNS updates."
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
-"Opcional. Aplicable sólo cuando ipa_dyndns_update esta a cierto. Elige la "
-"interfaz cuya dirección IP sería usada para actualizaciones dinámicas DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -6383,24 +6523,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "Predeterminado: Utilizar la dirección IP de la conexión IPA LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
-msgstr "ipa_dyndns_update (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -6412,103 +6550,88 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
-#, fuzzy
-#| msgid "ldap_sudo_smart_refresh_interval (integer)"
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
-msgstr "ldap_sudo_smart_refresh_interval (entero)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: loginDisabled"
-msgid "Default: 0 (disabled)"
-msgstr "Predeterminado: loginDisabled"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
-msgstr "ipa_dyndns_update (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: loginDisabled"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "Predeterminado: loginDisabled"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
-msgstr "ipa_dyndns_update (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
"Opcional. Usa la cadena dada como base de búsqueda para los objetos HBAC "
"relacionados."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr "Predeterminado: Utilizar DN base"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr "ipa_host_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
@@ -6517,7 +6640,7 @@ msgstr ""
"de múltiples bases de búsqueda."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -6528,63 +6651,63 @@ msgstr ""
"será ingnorado."
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr "ipa_selinux_search_base (cadena)Opcional. "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
"Opcional. Usa la cadena dada como base de búsqueda para los mapas de usuario "
"SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr "ipa_subdomains_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
"Opcional: Usa la cadena dada como base de búsqueda de dominios de confianza."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "Por defecto: el valor de <emphasis>cn=trusts,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr "ipa_master_domain_search_base (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
"Opcional: Usa la cadena dada como base de búsqueda para el objeto maestro de "
"dominio."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr "Por defecto: el valor de <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
@@ -6592,7 +6715,7 @@ msgstr ""
"Verifica con la ayuda de krb5_keytab que el TGT obtenido no ha sido burlado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -6601,7 +6724,7 @@ msgstr ""
"tradicional de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
@@ -6610,7 +6733,7 @@ msgstr ""
"de <quote>ipa_domain</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
@@ -6619,7 +6742,7 @@ msgstr ""
"convertido hacia la base DN para usarlo para llevar a cabo operaciones LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -6630,12 +6753,12 @@ msgstr ""
"está disponible con MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6646,17 +6769,17 @@ msgstr ""
"muchas peticiones de control de acceso hechas en un corto período."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr "Predeterminado: 5 (segundos)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr "ipa_hbac_selinux (entero)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -6667,12 +6790,12 @@ msgstr ""
"hay muchas peticiones de acceso de usuario hechas en un corto período."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -6686,7 +6809,7 @@ msgstr ""
"período de transición:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
@@ -6695,7 +6818,7 @@ msgstr ""
"les denegará el acceso a todos los usuarios."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
@@ -6704,24 +6827,24 @@ msgstr ""
"cuidadoso con este opción, puesto que pueden abrirse accesos no pretendidos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr "Predeterminado: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr "ipa_hbac_support_srchost (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr "Si se fija a false, el host fuente dado a SSSD por PAM será ignorado."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
@@ -6731,37 +6854,37 @@ msgstr ""
"ignorados;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr "ipa_automount_location (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr "La localización del automontador de este cliente IPA que será usada"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr "Por defecto: La localización llamada “default”"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr "ipa_netgroup_member_of (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr "El atributo LDAP que lista los afiliados del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr "ipa_netgroup_member_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
@@ -6770,17 +6893,17 @@ msgstr ""
"miembros directos del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr "Predeterminado: memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
@@ -6789,17 +6912,17 @@ msgstr ""
"directos del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr "Predeterminado: memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
@@ -6808,78 +6931,78 @@ msgstr ""
"miembros del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr "Predeterminado: externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
"El atributo LDAP que contiene el nombre de dominio NIS del grupo de red."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr "Predeterminado: nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr "El objeto clase de una entrada host en LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr "Predeterminado: ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr "ipa_host_fqdn (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr "El atributo LDAP que contiene el FQDN del host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr "Por defecto: fqdn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr "ipa_selinux_usermap_object_class (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr "ipa_selinux_usermap_name (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr "El atributo LDAP que contiene el nombre del mapa de usuario SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr "ipa_selinux_usermap_member_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
@@ -6887,12 +7010,12 @@ msgstr ""
"esta regla coincide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr "ipa_selinux_usermap_member_host (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
@@ -6901,12 +7024,12 @@ msgstr ""
"que esta regla coincide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr "ipa_selinux_usermap_see_also (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
@@ -6915,32 +7038,32 @@ msgstr ""
"lugar de memberUser o memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr "Por defecto: seeAlso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr "ipa_selinux_usermap_selinux_user (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr "El atributo LDAP que contiene la cadena de usuario SELinux mismo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr "Por defecto: ipaSELinuxUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr "ipa_selinux_usermap_enabled (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
@@ -6949,77 +7072,77 @@ msgstr ""
"para utilización."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr "Por defecto: ipaEnabledFlag"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr "ipa_selinux_usermap_user_category (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr "El atributo LDAP que contiene la categoría del usuario como ‘all’."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr "Por defecto: userCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr "ipa_selinux_usermap_host_category (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr "El atributo LDAP que contiene la categoría del host como ‘all’."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr "Por defecto: hostCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr "ipa_selinux_usermap_uuid (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr "El atributo LDAP que contiene la ID única del mapa de usuario."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr "Por defecto: ipaUniqueID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr "ipa_host_ssh_public_key (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr "El atributo LDAP que contiene las claves públicas SSH del host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr "Por defecto: ipaSshPubKey"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr "PROVEEDOR DE SUBDOMINIOS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
@@ -7028,7 +7151,7 @@ msgstr ""
"si está configurado explícitamente o implícitamente."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -7040,16 +7163,7 @@ msgstr ""
"de IPA si es necesario."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
-#, fuzzy
-#| msgid ""
-#| "If the option 'subdomains_provider' is not set in the domain section of "
-#| "sssd.conf but there is the option 'id_provider = ipa', the IPA subdomains "
-#| "provider is configured implictly. In this case, if a subdomain request "
-#| "fails and indicates that the server does not support subdomains, i.e. is "
-#| "not configured for trusts, the IPA subdomains provider is disabled. After "
-#| "an hour or after the IPA provider goes online, the subdomains provider is "
-#| "enabled again."
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -7059,16 +7173,9 @@ msgid ""
"hour or after the IPA provider goes online, the subdomains provider is "
"enabled again."
msgstr ""
-"Si la opción ‘subdomanins_provider’ no está fijada en la sección dominio de "
-"sssd.conf pero está la opción ‘id_provider = ipa’ el proveedor de "
-"subdominios IPA es configurado implícitamente. En este caso, si una petición "
-"de subdominio falla e indica que el servidor no soporta subdominios, esto es "
-"no está configurado para confiar, el proveedor de subdominos IPA es "
-"deshabilitado. Después de una hora o después de que el proveedor IPA esté en "
-"línea, el proveedor de subdominios es habilitado otra vez."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7079,7 +7186,7 @@ msgstr ""
"Este ejemplo muestra sólo las opciones específicas del proveedor ipa."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -7173,13 +7280,6 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:63
-#, fuzzy
-#| msgid ""
-#| "By default, the AD provider will map UID and GID values from the "
-#| "objectSID parameter in Active Directory. For details on this, see the "
-#| "<quote>ID MAPPING</quote> section below. If you want to disable ID "
-#| "mapping and instead rely on POSIX attributes defined in Active Directory, "
-#| "you should set <placeholder type=\"programlisting\" id=\"0\"/>"
msgid ""
"By default, the AD provider will map UID and GID values from the objectSID "
"parameter in Active Directory. For details on this, see the <quote>ID "
@@ -7189,12 +7289,6 @@ msgid ""
"entities served by SSSD are always treated as case-insensitive in the AD "
"provider for compatibility with Active Directory's LDAP implementation."
msgstr ""
-"Por defecto, un proveedor AD mapeará valores UID y GID desde el parámetro "
-"objectSID en Active Directory. Para detalles sobre esto, vea la sección "
-"<quote>IDENTIFICACIÓN DEL MAPEO</quote> abajo. Si usted desea deshabilitar "
-"la idententificación del mapeo y en su lugar confiar en los atributos POSIX "
-"definidos en Active Directory, usted fijaría <placeholder type="
-"\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:86
@@ -7219,13 +7313,20 @@ msgstr ""
"Para una operativa apropiada, esta opción sería especificada en la versión "
"minúscula de la versión larga del dominio Active Directory."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr "ad_server, ad_backup_server (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -7241,12 +7342,12 @@ msgstr ""
"la sección <quote>SERVICE DISCOVERY</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr "ad_hostname (cadena)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -7257,7 +7358,7 @@ msgstr ""
"identificar este host."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
@@ -7266,57 +7367,58 @@ msgstr ""
"Debe coincidir con el nombre del host desde que se envío la keytab."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
-#, fuzzy
-#| msgid "case_sensitive (boolean)"
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
-msgstr "case_sensitive (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
-#, fuzzy
-#| msgid ""
-#| "Optional. This option tells SSSD to automatically update the DNS server "
-#| "built into FreeIPA v2 with the IP address of this client."
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
-"Opcional. Esta opción le dice a SSSD que actualice automáticamente el "
-"servidor DNS construido en FreeIPA v2 con la dirección IP de este cliente."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 1200 (seconds)"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Por defecto: 1200 (segundos)"
+msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
#, fuzzy
-#| msgid "krb5_fast_principal (string)"
+#| msgid "Default: Use the IP address of the IPA LDAP connection"
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr "Predeterminado: Utilizar la dirección IP de la conexión IPA LDAP"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
-msgstr "krb5_fast_principal (cadena)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7327,7 +7429,7 @@ msgstr ""
"Este ejemplo muestra sólo las opciones específicas del proveedor AD."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -7351,7 +7453,7 @@ msgstr ""
"ad_domain = example.com\n"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -7363,7 +7465,7 @@ msgstr ""
"ldap_account_expire_policy = ad\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -8520,25 +8622,16 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
-#, fuzzy
-#| msgid "krb5_renew_interval (integer)"
msgid "krb5_renew_interval (string)"
-msgstr "krb5_renew_interval (entero)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:357
-#, fuzzy
-#| msgid ""
-#| "The time in seconds between two checks if the TGT should be renewed. TGTs "
-#| "are renewed if about half of their lifetime is exceeded."
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
"immediately followed by a time unit:"
msgstr ""
-"El tiempo en segundos entre dos comprobaciones si el TGT debiera ser "
-"renovado. TGTs son renovados si alrededor de la mitad de su tiempo de vida "
-"se ha excedido."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:384
@@ -8616,7 +8709,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -8631,7 +8724,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8640,7 +8733,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -10372,16 +10465,11 @@ msgstr "Esta opción puede ser también fijada por dominio."
#. type: Content of: <varlistentry><listitem><para><programlisting>
#: include/override_homedir.xml:46
-#, fuzzy, no-wrap
-#| msgid ""
-#| "override_homedir = /home/%u\n"
-#| " "
+#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
" "
msgstr ""
-"override_homedir = /home/%u\n"
-" "
#. type: Content of: <varlistentry><listitem><para>
#: include/override_homedir.xml:50
@@ -10389,60 +10477,25 @@ msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr "Por defecto: No fijado (SSSD usará el valor recuperado desde LDAP)"
#~ msgid ""
-#~ "fallback_homedir = /home/%u\n"
-#~ " "
+#~ "The default <citerefentry> <refentrytitle>printf</refentrytitle> "
+#~ "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
+#~ "how to translate a (name, domain) tuple into a fully qualified name."
#~ msgstr ""
-#~ "fallback_homedir = /home/%u\n"
-#~ " "
+#~ "El formato compatible con <citerefentry> <refentrytitle>printf</"
+#~ "refentrytitle> <manvolnum>3</manvolnum> </citerefentry> por defecto que "
+#~ "describe como traducir una tupla (nombre, dominio) a un nombre "
+#~ "totalmente calificado."
#~ msgid ""
-#~ "The following example illustrates setting up SSSD to download sudo rules "
-#~ "from an IPA server. It is necessary to use the LDAP provider and set "
-#~ "appropriate connection parameters to authenticate correctly against the "
-#~ "IPA server, because SSSD does not have native support of IPA provider for "
-#~ "sudo yet."
+#~ "Regular expression for this domain that describes how to parse the string "
+#~ "containing user name and domain into these components."
#~ msgstr ""
-#~ "El siguiente ejemplo ilustra el ajuste de SSSD para descargar reglas sudo "
-#~ "desde un servidor IPA. Es necesario usar el proveedor LDAP y fijar los "
-#~ "parámetros de conexión apropiados para autenticarse correctamente contra "
-#~ "el servidor IPA, puesto que SSSD no tiene soporte nativo de proveedor IPA "
-#~ "para sudo todavía."
+#~ "Expresión regular para este dominio que describe como analizar la cadena "
+#~ "que contiene el nombre de usuario y el dominio en estos componentes."
#~ msgid ""
-#~ "[sssd]\n"
-#~ "config_file_version = 2\n"
-#~ "services = nss, pam, sudo\n"
-#~ "domains = EXAMPLE\n"
-#~ "\n"
-#~ "[domain/EXAMPLE]\n"
-#~ "id_provider = ipa\n"
-#~ "ipa_domain = example.com\n"
-#~ "ipa_server = ipa.example.com\n"
-#~ "ldap_tls_cacert = /etc/ipa/ca.crt\n"
-#~ "\n"
-#~ "sudo_provider = ldap\n"
-#~ "ldap_uri = ldap://ipa.example.com\n"
-#~ "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
-#~ "ldap_sasl_mech = GSSAPI\n"
-#~ "ldap_sasl_authid = host/hostname.example.com\n"
-#~ "ldap_sasl_realm = EXAMPLE.COM\n"
-#~ "krb5_server = ipa.example.com\n"
+#~ "Optional. This option tells SSSD to automatically update the DNS server "
+#~ "built into FreeIPA v2 with the IP address of this client."
#~ msgstr ""
-#~ "[sssd]\n"
-#~ "config_file_version = 2\n"
-#~ "services = nss, pam, sudo\n"
-#~ "domains = EXAMPLE\n"
-#~ "\n"
-#~ "[domain/EXAMPLE]\n"
-#~ "id_provider = ipa\n"
-#~ "ipa_domain = example.com\n"
-#~ "ipa_server = ipa.example.com\n"
-#~ "ldap_tls_cacert = /etc/ipa/ca.crt\n"
-#~ "\n"
-#~ "sudo_provider = ldap\n"
-#~ "ldap_uri = ldap://ipa.example.com\n"
-#~ "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
-#~ "ldap_sasl_mech = GSSAPI\n"
-#~ "ldap_sasl_authid = host/hostname.example.com\n"
-#~ "ldap_sasl_realm = EXAMPLE.COM\n"
-#~ "krb5_server = ipa.example.com\n"
+#~ "Opcional. Esta opción le dice a SSSD que actualice automáticamente el "
+#~ "servidor DNS construido en FreeIPA v2 con la dirección IP de este cliente."
diff --git a/src/man/po/eu.po b/src/man/po/eu.po
index 4c034cf12..6b0194a7e 100644
--- a/src/man/po/eu.po
+++ b/src/man/po/eu.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: sssd-docs 1.8.95\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
"PO-Revision-Date: 2012-07-18 21:31+0300\n"
"Last-Translator: Automatically generated\n"
"Language-Team: none\n"
@@ -198,7 +198,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr ""
@@ -235,19 +235,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr ""
@@ -267,7 +267,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr ""
@@ -287,32 +287,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -321,7 +360,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -329,52 +368,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -384,15 +423,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -410,12 +449,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -424,81 +463,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -508,17 +548,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -526,18 +566,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -547,40 +587,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -588,7 +628,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -598,7 +638,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -607,17 +647,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -625,17 +665,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -644,41 +684,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -686,112 +726,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -799,96 +839,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -896,59 +936,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -956,7 +996,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -965,17 +1005,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -983,63 +1023,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1047,51 +1087,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1103,35 +1143,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1139,12 +1179,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1153,24 +1193,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1179,40 +1219,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1224,14 +1264,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1240,129 +1280,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1371,17 +1433,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1390,33 +1452,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1424,8 +1486,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1434,8 +1496,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1443,19 +1505,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1464,17 +1526,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1482,19 +1544,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1502,7 +1564,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1510,30 +1572,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1541,19 +1603,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1562,24 +1624,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1587,7 +1649,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1595,35 +1657,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1631,23 +1693,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1655,7 +1717,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1663,31 +1725,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1695,23 +1757,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1719,7 +1781,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1727,24 +1789,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1752,19 +1814,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1773,29 +1838,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1803,7 +1868,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1811,74 +1876,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1886,56 +1943,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1944,22 +2001,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -1969,18 +2026,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+msgid "realmd_tags (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1988,29 +2056,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2018,19 +2086,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2038,73 +2106,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2112,17 +2180,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2131,17 +2199,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2149,17 +2217,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2167,18 +2235,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2208,7 +2276,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2549,7 +2617,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2609,7 +2677,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2626,7 +2694,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2636,14 +2704,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr ""
@@ -2980,9 +3048,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -2997,7 +3065,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3023,16 +3091,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3040,101 +3116,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3142,17 +3226,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3160,14 +3244,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3175,7 +3259,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3184,18 +3268,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3203,172 +3287,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3376,7 +3460,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3384,18 +3468,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3403,12 +3487,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3419,12 +3503,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3432,12 +3516,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3446,34 +3530,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3481,14 +3565,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3496,12 +3580,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3509,17 +3613,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3527,13 +3631,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3542,7 +3646,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3550,26 +3654,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3577,7 +3681,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3585,7 +3689,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3593,41 +3697,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3636,32 +3740,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3669,24 +3773,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3694,29 +3798,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3725,17 +3829,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3743,49 +3847,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3793,27 +3897,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3825,7 +3929,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3833,7 +3937,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3841,53 +3945,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3895,7 +4022,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3903,29 +4030,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3934,56 +4061,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -3994,12 +4121,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4008,14 +4135,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4024,24 +4151,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4049,19 +4176,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4070,7 +4197,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4078,7 +4205,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4086,109 +4213,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4199,7 +4334,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4217,213 +4352,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4431,106 +4566,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4539,76 +4674,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4617,46 +4752,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4664,43 +4799,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4708,7 +4843,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4716,7 +4851,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4729,20 +4864,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5177,7 +5312,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5185,18 +5320,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5204,12 +5342,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5217,7 +5355,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5225,24 +5363,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5250,22 +5388,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5277,98 +5415,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-msgid "Default: 0 (disabled)"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5376,86 +5509,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5463,12 +5596,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5476,17 +5609,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5494,12 +5627,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5508,325 +5641,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5834,7 +5967,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5846,7 +5979,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5854,7 +5987,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5950,13 +6083,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -5966,12 +6106,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -5979,52 +6119,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6032,7 +6183,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6047,7 +6198,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6056,7 +6207,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7121,7 +7272,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7136,7 +7287,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7145,7 +7296,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/fr.po b/src/man/po/fr.po
index 96187cb39..ceecaed73 100644
--- a/src/man/po/fr.po
+++ b/src/man/po/fr.po
@@ -10,8 +10,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 18:00+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-06-07 09:15+0000\n"
"Last-Translator: Jérôme Fenal <jfenal@gmail.com>\n"
"Language-Team: French <trans-fr@lists.fedoraproject.org>\n"
"Language: fr\n"
@@ -212,7 +212,7 @@ msgid ""
"All sections can have an optional <replaceable>description</replaceable> "
"parameter. Its function is only as a label for the section."
msgstr ""
-"Toutes les sections peuvent avoir un paramètre optionnel de "
+"Toutes les sections peuvent avoir un paramètre facultatif de "
"<replaceable>description</replaceable>. Sa fonction ne sert qu'à nommer la "
"section."
@@ -236,7 +236,7 @@ msgid "The [sssd] section"
msgstr "La section [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr "Paramètres de sections"
@@ -281,12 +281,12 @@ msgstr ""
"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -296,7 +296,7 @@ msgstr ""
"d'abandonner"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "Par défaut : 3"
@@ -307,12 +307,6 @@ msgstr "domaines"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:114
-#, fuzzy
-#| msgid ""
-#| "A domain is a database containing user information. SSSD can use more "
-#| "domains at the same time, but at least one must be configured or SSSD "
-#| "won't start. This parameter described the list of domains in the order "
-#| "you want them to be queried."
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
@@ -323,10 +317,12 @@ msgstr ""
"Un domaine est une base de données contenant les informations utilisateurs. "
"SSSD peut utiliser plusieurs domaines en même temps, au moins un doit être "
"configuré ou SSSD ne démarrera pas. Ce paramètre décrit la liste des "
-"domaines dans l'ordre où ils doivent être requêtés."
+"domaines dans l'ordre où ils doivent être requêtés. Un nom de domaine ne "
+"doit comprendre que des caractères ASCII alphanumériques, des tirets et "
+"caractères soulignés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr "re_expression (chaîne)"
@@ -352,23 +348,76 @@ msgstr ""
"expressions régulières."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (chaîne)"
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+#, fuzzy
+#| msgid ""
+#| "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+#| "manvolnum> </citerefentry>-compatible format that describes how to "
+#| "translate a (name, domain) tuple for this domain into a fully qualified "
+#| "name."
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
msgstr ""
-"Le format par défaut compatible <citerefentry> <refentrytitle>printf</"
+"Un format compatible avec <citerefentry> <refentrytitle>printf</"
"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> décrivant la "
"traduction (nom, domaine) d'un tuple en un domaine pleinement qualifé."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+#, fuzzy
+#| msgid "username"
+msgid "user name"
+msgstr "username"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+#, fuzzy
+#| msgid ""
+#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id="
+#| "\"0\"/>"
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+"Options valides pour les domaines proxy. <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
@@ -377,12 +426,12 @@ msgstr ""
"Voir les SECTIONS DOMAINE pour plus d'informations sur cette option."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr "try_inotify (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -395,7 +444,7 @@ msgstr ""
"secondes si inotify échoue."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -405,7 +454,7 @@ msgstr ""
"conseillée. Dans ces rares cas, cette option devrait être définie à « false »"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
@@ -414,7 +463,7 @@ msgstr ""
"sur les autres plates-formes."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
@@ -424,12 +473,12 @@ msgstr ""
"utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr "krb5_rcache_dir (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
@@ -438,7 +487,7 @@ msgstr ""
"de rejeu Kerberos."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
@@ -448,7 +497,7 @@ msgstr ""
"relecture."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
@@ -457,12 +506,12 @@ msgstr ""
"la construction du logiciel. (__LIBKRB5_DEFAULTS__ si non configuré)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr "default_domain_suffix (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -478,7 +527,7 @@ msgstr ""
"domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
@@ -488,8 +537,8 @@ msgstr ""
"user@domain.name, pour se connecter."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -513,12 +562,12 @@ msgstr ""
"l'identité des domaines. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr "SECTIONS DE SERVICES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -531,64 +580,65 @@ msgstr ""
"section doit être <quote>[nss]</quote>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr "Options générales de configuration de service"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr "Ces options peuvent être utilisées pour configurer les services."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr "debug_level (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr "Ajoute un horodatage aux messages de débogage"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr "Par défaut : true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr "Ajouter les microsecondes à l'horodatage dans les messages de débogage"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr "Par défaut : false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr "timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
@@ -597,17 +647,17 @@ msgstr ""
"s'assurer que le processus est toujours actif et capable de répondre."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "Par défaut : 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr "fd_limit"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -622,17 +672,17 @@ msgstr ""
"valeur inférieure ou la limite « hard » de limits.conf."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr "Par défault : 8192 (ou la limite « hard » de limits.conf)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -644,18 +694,18 @@ msgstr ""
"ressources sur le système."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr "Par défaut : 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr "force_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -670,12 +720,12 @@ msgstr ""
"l'aide d'un signal SIGKILL."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr "Options de configuration NSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -683,12 +733,12 @@ msgstr ""
"Switch (NSS)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -697,17 +747,17 @@ msgstr ""
"énumérations (requêtes sur les informations de tous les utilisateurs)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "Par défaut : 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -718,7 +768,7 @@ msgstr ""
"valeur de entry_cache_timeout pour le domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -734,7 +784,7 @@ msgstr ""
"cache."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -747,17 +797,17 @@ msgstr ""
"de non réponse à moins de 10 secondes (0 pour désactiver l'option)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr "Par défaut : 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -769,17 +819,17 @@ msgstr ""
"appel au moteur."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "Par défaut : 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -793,17 +843,17 @@ msgstr ""
"certain domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr "Par défaut : root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -811,12 +861,12 @@ msgstr ""
"membres de groupes."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -825,7 +875,7 @@ msgstr ""
"explicitement spécifié par le fournisseur de données du domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -833,7 +883,7 @@ msgstr ""
"override_homedir."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -843,24 +893,24 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Par défaut : non défini (aucune substitution pour les répertoires d'accueil "
"non définis)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr "override_shell (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
@@ -870,17 +920,17 @@ msgstr ""
"domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr "allowed_shells (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -888,14 +938,14 @@ msgstr ""
"indiquées. L'ordre d'évaluation est :"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</"
"quote>, il est utilisé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -905,7 +955,7 @@ msgstr ""
"shell_fallback » sera utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -914,14 +964,14 @@ msgstr ""
"ni dans <quote>/etc/shells</quote>, une connexion sans shell est utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
"Une chaîne vide pour l'interpréteur de commandes est passée telle quelle est "
"à la libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -931,31 +981,31 @@ msgstr ""
"est installé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
"Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est "
"utilisé automatiquement."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
"Remplace toutes les occurences de ces interpréteurs de commandes par "
"l'interpréteur de commandes par défaut"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr "shell_fallback (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -963,17 +1013,17 @@ msgstr ""
"commandes autorisé n'est pas installé sur la machine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr "Par défaut : /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -985,7 +1035,7 @@ msgstr ""
"dans la section [nss], soit par domaine."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -995,12 +1045,12 @@ msgstr ""
"nécessaire, habituellement /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (int)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -1009,12 +1059,12 @@ msgstr ""
"jugée valide."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (int)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1023,17 +1073,17 @@ msgstr ""
"mémoire seront valides"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Par défaut : 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr "Options de configuration de PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1042,12 +1092,12 @@ msgstr ""
"Module (PAM)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1057,17 +1107,17 @@ msgstr ""
"connexion réussie)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr "Par défaut : 0 (pas de limite)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1076,12 +1126,12 @@ msgstr ""
"échouées sont autorisées."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1091,7 +1141,7 @@ msgstr ""
"soit possible."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1102,17 +1152,17 @@ msgstr ""
"connexion réussie en ligne peut réactiver l'authentification."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr "Par défaut : 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1122,44 +1172,44 @@ msgstr ""
"affichés sera important."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr "Actuellement sssd supporte les valeurs suivantes :"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis> : ne pas afficher de message"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis> : afficher les messages d'information"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis> : afficher tous les messages et informations de "
"débogage"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "Par défaut : 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1171,7 +1221,7 @@ msgstr ""
"les dernières informations."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1185,17 +1235,17 @@ msgstr ""
"fournisseur d'identité."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr "Afficher une alerte N jours avant l'expiration du mot de passe."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1206,7 +1256,7 @@ msgstr ""
"ne peut afficher de message d'alerte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1216,7 +1266,7 @@ msgstr ""
"sera automatiquement affiché."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1225,28 +1275,28 @@ msgstr ""
"<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr "Par défaut : 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr "Options de configuration de SUDO"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
"Les options suivantes peuvent être utilisées pour configurer le service sudo."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr "sudo_timed (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1255,22 +1305,22 @@ msgstr ""
"les entrées sudoers sensibles au temps."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr "Options de configuration AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr "Ces options peuvent être utilisées pour configurer le service autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1282,23 +1332,23 @@ msgstr ""
"moteur."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr "Options de configuration SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
"Les options suivantes peuvent être utilisées pour configurer le service SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
@@ -1306,12 +1356,12 @@ msgstr ""
"Condenser ou non les noms de systèmes et adresses du fichier known_hosts"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
@@ -1320,17 +1370,17 @@ msgstr ""
"known_hosts géré après que ses clés de système ont été demandés."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr "Par défaut : 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr "Options de configuration du répondeur PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1349,13 +1399,21 @@ msgstr ""
"décodées et évaluées, les opérations suivantes sont effectuées :"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
+#, fuzzy
+#| msgid ""
+#| "If the remote user does not exist in the cache, it is created. The uid is "
+#| "calculated based on the SID, trusted domains will have UPGs and the gid "
+#| "will have the same value as the uid. The home directory is set based on "
+#| "the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+#| "the system defaults are used, but can be overwritten with the "
+#| "default_shell parameter."
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
"Si l'utilisateur distant n'existe pas dans le cache, il est créé. L'uid est "
@@ -1366,28 +1424,32 @@ msgstr ""
"système, mais peut être remplacé par le paramètre default_shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
+#, fuzzy
+#| msgid ""
+#| "If there are SIDs of groups from the domain the sssd client belongs to, "
+#| "the user will be added to those groups."
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
"S'il y a des SID de groupes du domaine auquel le client sssd appartient, "
"l'utilisateur sera ajouté à ces groupes."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
"Les options suivantes peuvent être utilisées pour configurer le répondeur "
"PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr "allowed_uids (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1398,14 +1460,14 @@ msgstr ""
"seront résolus en UID au démarrage."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur "
"PAC)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1418,17 +1480,17 @@ msgstr ""
"0 à la liste des UID d'utilisateurs autorisés."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr "SECTIONS DOMAINES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1437,7 +1499,7 @@ msgstr ""
"dehors de ces limites, elle est ignorée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1450,17 +1512,17 @@ msgstr ""
"qui sont dans la plage seront rapportés comme prévu."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Default: 1 for min_id, 0 (no limit) for max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr "enumerate (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1469,23 +1531,23 @@ msgstr ""
"valeurs suivantes :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = utilisateurs et groupes sont énumérés"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = aucune énumération pour ce domaine"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr "Par défaut : FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1506,7 +1568,7 @@ msgstr ""
"être recalculées."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1516,7 +1578,7 @@ msgstr ""
"l'énumération ne se termine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1530,7 +1592,7 @@ msgstr ""
"fournisseur d'identité spécifique utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
@@ -1539,12 +1601,12 @@ msgstr ""
"déconseillée, surtout dans les environnements de grande taille."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1553,17 +1615,17 @@ msgstr ""
"comme valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr "Par défaut : 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1572,18 +1634,18 @@ msgstr ""
"d'utilisateurs comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr "Par défaut : entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1592,12 +1654,12 @@ msgstr ""
"groupes comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1606,12 +1668,12 @@ msgstr ""
"netgroup comme valides avant de les redemander au moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1620,12 +1682,12 @@ msgstr ""
"service valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1634,12 +1696,12 @@ msgstr ""
"valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -1648,31 +1710,61 @@ msgstr ""
"cartes d'automontage comme valides avant de les redemander au moteur"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+#, fuzzy
+#| msgid "dyndns_refresh_interval (integer)"
+msgid "refresh_expired_interval (integer)"
+msgstr "dyndns_refresh_interval (entier)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+#, fuzzy
+#| msgid ""
+#| "Specifies how many seconds SSSD has to wait before refreshing its cache "
+#| "of enumerated records."
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+"Spécifie la durée en secondes pendant laquelle SSSD doit attendre avant "
+"d'actualiser son cache d\"énumération d'enregistrements."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr "Par défaut : 0 (désactivé)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr "cache_credentials (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Détermine si les données d'identification de l'utilisateur sont aussi mis en "
"cache dans le cache LDB local"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Les informations d'identification utilisateur sont stockées dans une table "
"de hachage SHA512, et non en texte brut"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1685,17 +1777,17 @@ msgstr ""
"paramètre doit être supérieur ou égal à offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr "Par défaut : 0 (illimité)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1708,17 +1800,17 @@ msgstr ""
"fournisseur oauth doit être configuré pour le moteur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr "id_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -1726,18 +1818,18 @@ msgstr ""
"d'identification pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "<quote>proxy</quote> : prise en charge de l'ancien fournisseur NSS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
"<quote>local</quote> : Fournisseur interne SSSD pour les utilisateurs locaux"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1749,8 +1841,8 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1763,8 +1855,8 @@ msgstr ""
"configuration de FreeIPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1776,12 +1868,12 @@ msgstr ""
"d'Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -1791,7 +1883,7 @@ msgstr ""
"communiqué à NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1805,17 +1897,17 @@ msgstr ""
"trouve."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1826,12 +1918,12 @@ msgstr ""
"traitement des appels de recherche de groupes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr "auth_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1840,7 +1932,7 @@ msgstr ""
"pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1852,7 +1944,7 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1863,7 +1955,7 @@ msgstr ""
"citerefentry> pour plus d'informations sur la configuration de Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
@@ -1871,12 +1963,12 @@ msgstr ""
"PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> désactive l'authentification explicitement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1885,12 +1977,12 @@ msgstr ""
"gérer les requêtes d'authentification."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr "access_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1901,7 +1993,7 @@ msgstr ""
"installés). Les fournisseurs internes spécifiques sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -1910,12 +2002,12 @@ msgstr ""
"d'accès autorisé pour un domaine local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> toujours refuser les accès."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1928,17 +2020,17 @@ msgstr ""
"d'informations sur la configuration du module d'accès simple."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr "Par défaut : <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr "chpass_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1947,7 +2039,7 @@ msgstr ""
"domaine. Les fournisseurs pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1959,7 +2051,7 @@ msgstr ""
"configuration LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1971,7 +2063,7 @@ msgstr ""
"Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -1979,14 +2071,14 @@ msgstr ""
"autre cible PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
"<quote>none</quote> pour désactiver explicitement le changement de mot de "
"passe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1995,19 +2087,19 @@ msgstr ""
"peut gérer les changements de mot de passe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr "sudo_provider (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en "
"charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2019,25 +2111,25 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote> désactive explicitement SUDO."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle "
"est définie."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr "selinux_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2048,7 +2140,7 @@ msgstr ""
"fournisseur d'accès. Les fournisseurs selinux pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2060,14 +2152,14 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
"<quote>none</quote> n'autorise pas la récupération explicite des paramètres "
"selinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2076,12 +2168,12 @@ msgstr ""
"gérer le chargement selinux"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
@@ -2091,7 +2183,7 @@ msgstr ""
"fournisseurs de sous-domaine pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2103,26 +2195,26 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
"<quote>none</quote> désactive la récupération explicite des sous-domaines."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr "autofs_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
"Le fournisseur autofs utilisé pour le domaine. Les fournisseurs autofs pris "
-"en charge sont&nbsp;:"
+"en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2134,7 +2226,7 @@ msgstr ""
"LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2146,26 +2238,26 @@ msgstr ""
"IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> désactive explicitement autofs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr "hostid_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
"Le fournisseur utilisé pour récupérer les informations d'identité des "
-"systèmes. Les fournisseurs de hostid pris en charge sont&nbsp;:"
+"systèmes. Les fournisseurs de hostid pris en charge sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2177,21 +2269,22 @@ msgstr ""
"configuration de IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> désactive explicitement hostid."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
-"Expressions rationnelles qui décrivent la manière d'analyser les chaînes "
-"contenant les informations utilisateur et domaine dans ces composants."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2204,22 +2297,22 @@ msgstr ""
"styles différents pour les noms d'utilisateurs :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr "username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr "domain\\username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2229,7 +2322,7 @@ msgstr ""
"utilisateurs de domaines Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2240,7 +2333,7 @@ msgstr ""
"importe le domaine après »"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2252,7 +2345,7 @@ msgstr ""
"prendre en charge les sous-motifs nommés multiples."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2261,28 +2354,17 @@ msgstr ""
"la syntaxe Python (?P&lt;name&gt;) pour nommer les sous-motifs."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-"Un format compatible avec <citerefentry> <refentrytitle>printf</"
-"refentrytitle> <manvolnum>3</manvolnum> </citerefentry> décrivant la "
-"traduction (nom, domaine) d'un tuple en un domaine pleinement qualifé."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Par défaut : <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2291,48 +2373,48 @@ msgstr ""
"utiliser pour effectuer les requêtes DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr "Valeurs prises en charge :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, "
"essayer IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter "
"IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr "Par défaut : ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2343,12 +2425,12 @@ msgstr ""
"domaine continuera à opérer en mode déconnecté."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2357,29 +2439,29 @@ msgstr ""
"du domaine faisant partie de la requête DNS de découverte de services."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Par défaut : utiliser la partie du domaine qui est dans le nom de système de "
"la machine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr "override_gid (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr "Redéfinit le GID primaire avec la valeur spécifiée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
@@ -2388,17 +2470,17 @@ msgstr ""
"Actuellement, cette option n'est pas supportée dans le fournisseur local."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr "Par défaut : True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2412,26 +2494,22 @@ msgstr ""
"afin d'améliorer les performances."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
-msgstr ""
+msgstr "%F"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
-msgstr ""
+msgstr "nom plat (NetBIOS) d'un sous-domaine."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
-#, fuzzy
-#| msgid ""
-#| "Use this homedir as default value for all subdomains within this domain. "
-#| "See <emphasis>override_homedir</emphasis> for info about possible values."
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -2441,10 +2519,13 @@ msgid ""
msgstr ""
"Utiliser ce répertoire utilisateur comme valeur par défaut pour tous les "
"sous-domaines dans ce domaine. Voir <emphasis>override_homedir</emphasis> "
-"pour des informations sur les valeurs possibles."
+"pour des informations sur les valeurs possibles. En plus de celles-ci, le "
+"remplacement ci-dessous ne peut être utilisé qu'avec "
+"<emphasis>subdomain_homedir</emphasis>. <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2452,12 +2533,25 @@ msgstr ""
"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Par défaut : <filename>/home/%d/%u</filename>"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+#, fuzzy
+#| msgid "krb5_realm (string)"
+msgid "realmd_tags (string)"
+msgstr "krb5_realm (chaîne)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2469,17 +2563,17 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr "Le proxy cible duquel PAM devient mandataire."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2488,12 +2582,12 @@ msgstr ""
"ou en créer une nouvelle et ajouter le nom de service ici."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2504,7 +2598,7 @@ msgstr ""
"$(libName)_$(function), par exemple _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2513,12 +2607,12 @@ msgstr ""
"id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr "La section du domaine local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2529,29 +2623,29 @@ msgstr ""
"dire un domaine qui utilise <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr "default_shell (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"L'interpréteur de commandes par défaut pour les utilisateurs créés avec les "
"outils en espace utilisateur SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Par défaut : <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr "base_directory (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2560,17 +2654,17 @@ msgstr ""
"replaceable> et l'utilisent comme dossier personnel."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr "Par défaut : <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr "create_homedir (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2579,17 +2673,17 @@ msgstr ""
"utilisateurs. Peut être outrepassé par la ligne de commande."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr "Par défaut : TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr "remove_homedir (booléen)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2598,12 +2692,12 @@ msgstr ""
"suppression des utilisateurs. Peut être outrepassé par la ligne de commande."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr "homedir_umask (entier)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2614,17 +2708,17 @@ msgstr ""
"défaut sur un répertoire personnel nouvellement créé."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr "Par défaut : 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr "skel_dir (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2637,17 +2731,17 @@ msgstr ""
"manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Par défaut : <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr "mail_dir (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2658,17 +2752,17 @@ msgstr ""
"précisé, la valeur par défaut est utilisée."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr "Par défaut : <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (chaîne)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2679,18 +2773,18 @@ msgstr ""
"code en retour de la commande n'est pas pris en compte."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr "Par défaut : None, aucune commande lancée"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "EXEMPLE"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2744,7 +2838,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3155,7 +3249,7 @@ msgstr ""
"L'attribut LDAP correspondant à l'id du groupe primaire de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr "Par défaut : gidNumber"
@@ -3219,7 +3313,7 @@ msgstr ""
"L'attribut LDAP qui contient les UUID/GUID d'un objet LDAP utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr "Par défaut : nsUniqueId"
@@ -3238,7 +3332,7 @@ msgstr ""
"n'est habituellement nécessaire que pour les serveurs Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
"Par défaut : objectSid pour ActiveDirectory, indéfini pour les autres "
@@ -3250,7 +3344,7 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
@@ -3259,7 +3353,7 @@ msgstr ""
"l'objet parent."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr "Par défaut : modifyTimestamp"
@@ -3653,9 +3747,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr "L'attribut LDAP correspondant au nom complet de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr "Par défaut : cn"
@@ -3671,7 +3765,7 @@ msgstr ""
"L'attribut LDAP énumérant les groupes auquel appartient un utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr "Par défaut : memberOf"
@@ -3702,16 +3796,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr "Par défaut : authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr "ldap_user_authorized_host (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3722,7 +3824,7 @@ msgstr ""
"déterminer les autorisations d'accès."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
@@ -3731,77 +3833,85 @@ msgstr ""
"autorisations explicites (host) et enfin toutes les autorisations (*)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr "Par défaut : host"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr "ldap_group_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr "La classe d'objet d'une entrée de groupe dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr "Par défaut : posixGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr "ldap_group_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr "L'attribut LDAP correspondant au nom du groupe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr "ldap_group_gid_number (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr "L'attribut LDAP correspondant à l'identifiant de groupe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr "ldap_group_member (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr "L'attribut LDAP contenant les noms des membres du groupe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr "Par défaut : memberuid (rfc2307) / member (rfc2307bis)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr "ldap_group_uuid (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet groupe LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr "ldap_group_objectsid (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
@@ -3810,17 +3920,17 @@ msgstr ""
"n'est habituellement nécessaire que pour les serveurs Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr "ldap_group_modify_timestamp (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr "ldap_group_nesting_level (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3832,17 +3942,17 @@ msgstr ""
"schéma RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr "Par défaut : 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr "ldap_groups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3854,7 +3964,7 @@ msgstr ""
"complexes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
@@ -3864,7 +3974,7 @@ msgstr ""
"imbrications très complexes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3875,7 +3985,7 @@ msgstr ""
"essentiellement « auto-detect »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3888,18 +3998,18 @@ msgstr ""
"documentation de MSDN(TM)</ulink> pour plus de détails."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr "Par défaut : False"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr "ldap_initgroups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3911,71 +4021,71 @@ msgstr ""
"complexes)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr "ldap_netgroup_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr "La classe d'objet d'une entrée de netgroup dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
"Pour un fournisseur IPA, ipa_netgroup_object_class doit être utilisé à la "
"place."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr "Par défaut : nisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr "ldap_netgroup_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr "L'attribut LDAP correspondant au nom du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
"Dans le fournisseur IPA, ipa_netgroup_name doit être utilisé à la place."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr "ldap_netgroup_member (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr "L'attribut LDAP contenant les noms des membres du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
"Dans le fournisseur IPA, ipa_netgroup_member doit être utilisé à la place."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr "Par défaut : memberNisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr "ldap_netgroup_triple (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
@@ -3983,59 +4093,59 @@ msgstr ""
"netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr "Cette option n'est pas disponible dans le fournisseur IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr "Par défaut : nisNetgroupTriple"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr "ldap_netgroup_uuid (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr "L'attribut LDAP contenant les UUID/GUID d'un objet netgroup LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
"Dans le fournisseur IPA, ipa_netgroup_uuid doit être utilisé à la place."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr "ldap_service_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr "La classe d'objet d'une entrée de service LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr "Par défaut : ipService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr "ldap_service_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
@@ -4044,48 +4154,48 @@ msgstr ""
"alias."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr "ldap_service_port (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr "L'attribut LDAP qui contient le port géré par ce service."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr "Par défaut : ipServicePort"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr "ldap_service_proto (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr "L'attribut LDAP qui contient les protocoles compris par ce service."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr "Par défaut : ipServiceProtocol"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr "ldap_service_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -4096,7 +4206,7 @@ msgstr ""
"activation du mode hors ligne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -4107,18 +4217,18 @@ msgstr ""
"différents types de recherches."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Par défaut : 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr "ldap_enumeration_search_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -4129,12 +4239,12 @@ msgstr ""
"résultats mis en cache (et activation du mode hors ligne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -4151,12 +4261,12 @@ msgstr ""
"citerefentry> rendent la main en cas d'inactivité."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -4167,12 +4277,12 @@ msgstr ""
"contrôler le délai de communication avec le KDC dans le cas d'un appel SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr "ldap_connection_expire_timeout (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -4185,17 +4295,17 @@ msgstr ""
"courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr "Par défaut : 900 (15 minutes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr "ldap_page_size (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
@@ -4204,17 +4314,17 @@ msgstr ""
"Certains serveurs LDAP imposent une limite maximale par requête."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr "Par défaut : 1000"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr "ldap_disable_paging (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -4226,7 +4336,7 @@ msgstr ""
"correctement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
@@ -4236,7 +4346,7 @@ msgstr ""
"sera impossible de l'utiliser."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -4247,12 +4357,34 @@ msgstr ""
"cela peut entraîner l'échec de certaines demandes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+#, fuzzy
+#| msgid "ldap_disable_paging (boolean)"
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr "ldap_disable_paging (boolean)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr "ldap_sasl_minssf (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -4263,19 +4395,19 @@ msgstr ""
"de cette option sont définies par OpenLDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
"Par défaut : Utiliser la valeur par défaut du système (généralement spécifié "
"par ldap.conf)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr "ldap_deref_threshold (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -4286,7 +4418,7 @@ msgstr ""
"membres manquants est inférieur, ils sont recherchés individuellement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
@@ -4294,7 +4426,7 @@ msgstr ""
"affectant la valeur 0."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -4307,7 +4439,7 @@ msgstr ""
"acceptés sont 389/RHDS, OpenLDAP et Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -4318,12 +4450,12 @@ msgstr ""
"déréférencement est désactivée indépendamment de ce paramètre."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
@@ -4332,7 +4464,7 @@ msgstr ""
"session TLS, si elle existe. Une des valeurs suivantes est utilisable :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -4341,7 +4473,7 @@ msgstr ""
"quelconque certificat du serveur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4352,7 +4484,7 @@ msgstr ""
"certificat est fourni, il est ignoré et la session continue normalement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4363,7 +4495,7 @@ msgstr ""
"certificat est fourni, la session se termine immédiatement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -4374,22 +4506,22 @@ msgstr ""
"immédiatement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr "Par défaut : hard"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
@@ -4398,7 +4530,7 @@ msgstr ""
"certification que <command>sssd</command> reconnaîtra."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
@@ -4407,12 +4539,12 @@ msgstr ""
"<filename>/etc/openldap/ldap.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -4426,32 +4558,32 @@ msgstr ""
"corrects."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr "ldap_tls_cert (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr "Définit le fichier qui contient le certificat pour la clef du client."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr "ldap_tls_key (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr "Définit le fichier qui contient la clef du client."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr "ldap_tls_cipher_suite (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -4463,12 +4595,12 @@ msgstr ""
"manvolnum></citerefentry> pour le format."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
@@ -4478,12 +4610,12 @@ msgstr ""
"canal."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr "ldap_id_mapping (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -4495,19 +4627,19 @@ msgstr ""
"ldap_group_gid_number."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
"Cette fonctionnalité ne prend actuellement en charge que la correspondance "
"par objectSID avec Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
@@ -4516,12 +4648,12 @@ msgstr ""
"pris en charge."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -4535,17 +4667,17 @@ msgstr ""
"exemple host/myhost)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr "Par défaut : host/hostname@REALM"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr "ldap_sasl_realm (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -4556,17 +4688,17 @@ msgstr ""
"domaine, cette option est ignorée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr "Par défaut : la valeur de krb5_realm."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
@@ -4575,34 +4707,34 @@ msgstr ""
"le nom de l'hôte au cours d'une liaison SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr "Défaut : false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "Définit le fichier keytab à utiliser pour utiliser SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5."
"keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4613,27 +4745,27 @@ msgstr ""
"SASL est utilisé et que le mécanisme choisi est GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "Définit la durée de vie, en secondes, des TGT si GSSAPI est utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr "Par défaut : 86400 (24 heures)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr "krb5_server, krb5_backup_server (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4653,7 +4785,7 @@ msgstr ""
"SERVICES</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4664,7 +4796,7 @@ msgstr ""
"comme protocole, et passe sur _tcp si aucune entrée n'est trouvée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4676,29 +4808,29 @@ msgstr ""
"l'utilisation de <quote>krb5_server</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "Définit le DOMAINE de Kerberos (pour l'authentification SASL/GSSAPI)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</"
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
@@ -4708,12 +4840,46 @@ msgstr ""
"Kerberos > = 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+#, fuzzy
+#| msgid "krb5_canonicalize (boolean)"
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr "krb5_canonicalize (booléen)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+#, fuzzy
+#| msgid ""
+#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry> for more information on configuring LDAP."
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+"<quote>ldap</quote> : fournisseur LDAP. Cf. "
+"<citerefentry><refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum></citerefentry> pour plus d'informations sur la configuration de "
+"LDAP."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4722,7 +4888,7 @@ msgstr ""
"valeurs suivantes sont acceptées :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4731,7 +4897,7 @@ msgstr ""
"peut pas désactiver la politique sur les mots de passe du côté serveur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -4742,7 +4908,7 @@ msgstr ""
"manvolnum></citerefentry> pour évaluer si le mot de passe a expiré."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -4754,22 +4920,22 @@ msgstr ""
"est changé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr "Par défaut : aucun"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr "Définit si le déréférencement automatique doit être activé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -4778,7 +4944,7 @@ msgstr ""
"compilé avec OpenLDAP version 2.4.13 ou supérieur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4792,29 +4958,29 @@ msgstr ""
"permettre d'améliorer de façon notable les performances."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Définit le nom de service à utiliser quand la découverte de services est "
"activée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr "Par défaut : ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4823,19 +4989,19 @@ msgstr ""
"un changement de mot de passe quand la découverte de services est activée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
"Par défaut : non défini, c'est-à-dire que le service de découverte est "
"désactivé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr "ldap_chpass_update_last_change (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
@@ -4845,12 +5011,12 @@ msgstr ""
"de passe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4868,12 +5034,12 @@ msgstr ""
"permit de changer ce comportement par défaut."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr "Exemple:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4885,7 +5051,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -4894,7 +5060,7 @@ msgstr ""
"allowedusers »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4906,17 +5072,17 @@ msgstr ""
"Si tel était le cas, l'accès sera conservé en mode hors-ligne et vice-versa."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr "Par défaut : vide"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4925,7 +5091,7 @@ msgstr ""
"être activée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4937,12 +5103,12 @@ msgstr ""
"correct."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr "Les valeurs suivantes sont autorisées :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -4951,7 +5117,7 @@ msgstr ""
"pour déterminer si le compte a expiré."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4964,7 +5130,7 @@ msgstr ""
"d'expiration du compte est aussi vérifiée."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4975,7 +5141,7 @@ msgstr ""
"l'accès est autorisé ou non."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4987,30 +5153,38 @@ msgstr ""
"ldap_user_nds_login_expiration_time sont utilisées pour vérifier si l'accès "
"est autorisé. Si les deux attributs sont manquants, l'accès est autorisé."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"Liste séparées par des virgules des options de contrôles d'accès. Les "
"valeurs autorisées sont :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -5019,18 +5193,18 @@ msgstr ""
"authorizedService pour déterminer l'accès"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr "Par défaut : filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5039,12 +5213,12 @@ msgstr ""
"de configuration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr "ldap_deref (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5053,12 +5227,12 @@ msgstr ""
"recherche. Les options suivantes sont autorisées :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5068,7 +5242,7 @@ msgstr ""
"recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5077,7 +5251,7 @@ msgstr ""
"la localisation de l'objet de base de la recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5086,7 +5260,7 @@ msgstr ""
"recherche et et la localisation de l'objet de base de la recherche."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5095,12 +5269,12 @@ msgstr ""
"bibliothèques clientes LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
@@ -5109,7 +5283,7 @@ msgstr ""
"LDAP pour les serveurs qui utilisent le schéma RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5127,7 +5301,7 @@ msgstr ""
"initgoups()."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5153,57 +5327,57 @@ msgstr ""
"détails. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr "OPTIONS DE SUDO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr "La classe d'objet d'une entrée de règle de sudo dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr "Par défaut : sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "L'attribut LDAP qui correspond au nom de la règle de sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr "L'attribut LDAP qui correspond au nom de la commande."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr "Par défaut : sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -5212,17 +5386,17 @@ msgstr ""
"réseau IP de l'hôte ou netgroup de l'hôte)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr "Par défaut : sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -5231,32 +5405,32 @@ msgstr ""
"groupe ou netgroup de l'utilisateur)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr "Par défaut : sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "L'attribut LDAP qui correspond aux options sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr "Par défaut : sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -5265,17 +5439,17 @@ msgstr ""
"nom d'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr "Par défaut : sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -5284,17 +5458,17 @@ msgstr ""
"les commandes seront être exécutées."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr "Par défaut : sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -5303,17 +5477,17 @@ msgstr ""
"règle sudo est valide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr "Par défaut : sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -5322,32 +5496,32 @@ msgstr ""
"règle sudo ne sera plus valide."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr "Par défaut : sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "L'attribut LDAP qui correspond à l'index de tri de la règle."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr "Par défaut : sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -5357,7 +5531,7 @@ msgstr ""
"règles qui sont stockées sur le serveur)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -5366,17 +5540,17 @@ msgstr ""
"emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr "Par défaut : 21600 (6 heures)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5388,7 +5562,7 @@ msgstr ""
"cache)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -5397,12 +5571,12 @@ msgstr ""
"modifyTimestamp est utilisé à la place."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -5412,12 +5586,12 @@ msgstr ""
"noms de systèmes)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -5426,7 +5600,7 @@ msgstr ""
"doivent être utilisés pour filtrer les règles."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -5435,8 +5609,8 @@ msgstr ""
"nom de système et le nom de domaine pleinement qualifié."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -5445,17 +5619,17 @@ msgstr ""
"emphasis>, alors cette option n'a aucun effet."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr "Par défaut : non spécifié"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -5464,7 +5638,7 @@ msgstr ""
"IPv6 qui doivent être utilisés pour filtrer les règles."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -5473,12 +5647,12 @@ msgstr ""
"automatiquement."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -5487,12 +5661,12 @@ msgstr ""
"netgroup dans l'attribut sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
@@ -5501,12 +5675,12 @@ msgstr ""
"un joker dans l'attribut sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5519,12 +5693,12 @@ msgstr ""
"manvolnum></citerefentry>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr "OPTIONS AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -5533,48 +5707,48 @@ msgstr ""
"qui est RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
"La classe d'objet d'une entrée de table de montage automatique dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr "Par défaut : automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr "Le nom d'une entrée de table de montage automatique dans LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr "Par défaut : ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -5583,17 +5757,17 @@ msgstr ""
"généralement à un point de montage."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr "Par défaut : automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5606,32 +5780,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr "OPTIONS AVANCÉES"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
@@ -5640,7 +5814,7 @@ msgstr ""
"restreint les recherches utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
@@ -5649,7 +5823,7 @@ msgstr ""
"utilisée par ldap_user_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5659,7 +5833,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
@@ -5668,12 +5842,12 @@ msgstr ""
"interpréteur de commande défini en /bin/tcsh."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (chaînes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
@@ -5682,7 +5856,7 @@ msgstr ""
"restreint les recherches de groupe."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
@@ -5691,17 +5865,17 @@ msgstr ""
"utilisée par ldap_group_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5713,7 +5887,7 @@ msgstr ""
"\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5724,7 +5898,7 @@ msgstr ""
"replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5744,20 +5918,20 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6301,7 +6475,7 @@ msgid ""
"Specifies the name of the IPA domain. This is optional. If not provided, "
"the configuration domain name is used."
msgstr ""
-"Définit le nom du domaine IPA. Optionnel, s'il n'est pas fourni, le nom de "
+"Définit le nom du domaine IPA. Facultatif, s'il n'est pas fourni, le nom de "
"domaine de la configuration est utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
@@ -6321,7 +6495,7 @@ msgstr ""
"La liste par ordre de préférence séparée par des virgules des adresses IP ou "
"des noms de systèmes des serveurs IPA auxquels SSSD doit se connecter . Pour "
"plus d'informations sur la redondance de serveurs et le basculement, "
-"consulter la section de <quote>BASCULEMENT</quote>. Ceci est optionnel si "
+"consulter la section de <quote>BASCULEMENT</quote>. Ceci est facultatif si "
"la découverte automatique est activée. Pour plus d'informations sur la "
"découverte de services, se reporter à la section de <quote>DÉCOUVERTE DE "
"SERVICE</quote>."
@@ -6337,28 +6511,27 @@ msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the IPA domain to identify this host."
msgstr ""
-"Optionnel. Peut être défini pour des machines dont le hostname(5) ne reflète "
-"pas le nom de domaine pleinement qualifié du domaine IPA pour identifier "
-"l'hôte."
+"Facultatif. Peut être défini pour des machines dont le hostname(5) ne "
+"reflète pas le nom de domaine pleinement qualifié du domaine IPA pour "
+"identifier l'hôte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
-msgstr "ipa_dyndns_update (booléen)"
+msgstr "dyndns_update (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
-"Optionnel. Cette option indique à SSSD de mettre à jour automatiquement le "
-"serveur DNS de FreeIPA avec l'adresse IP du client."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
@@ -6368,97 +6541,93 @@ msgstr ""
"être défini correctement dans /etc/krb5.conf"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
"emphasis> in their config file."
msgstr ""
+"REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option "
+"<emphasis>ipa_dyndns_update</emphasis>, les utilisateurs doivent maintenant "
+"utiliser <emphasis>dyndns_update</emphasis> dans leur fichier de "
+"configuration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
-#, fuzzy
-#| msgid "ipa_dyndns_ttl (integer)"
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
-msgstr "ipa_dyndns_ttl (entier)"
+msgstr "dyndns_ttl (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
-#, fuzzy
-#| msgid ""
-#| "The TTL to apply to the client DNS record when updating it. If "
-#| "ipa_dyndns_update is false this has no effect. This will override the TTL "
-#| "serverside if set by an administrator."
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
"serverside if set by an administrator."
msgstr ""
"Le TTL à appliquer à l'enregistrement du client DNS lors de sa mise à jour. "
-"Si ipa_dyndns_update a la valeur false, cela n'a aucun effet. Cela "
-"remplacera le TTL côté serveur s'il est défini par un administrateur."
+"Si dyndns_update a la valeur false, cela n'a aucun effet. Cela remplacera le "
+"TTL côté serveur s'il est défini par un administrateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
"emphasis> in their config file."
msgstr ""
+"REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option "
+"<emphasis>ipa_dyndns_ttl</emphasis>, les utilisateurs doivent maintenant "
+"utiliser <emphasis>dyndns_ttl</emphasis> dans leur fichier de configuration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr "Par défaut : 1200 (secondes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
-#, fuzzy
-#| msgid "ipa_dyndns_iface (string)"
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
-msgstr "ipa_dyndns_iface (chaîne)"
+msgstr "dyndns_iface (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
-#, fuzzy
-#| msgid ""
-#| "Optional. Applicable only when ipa_dyndns_update is true. Choose the "
-#| "interface whose IP address should be used for dynamic DNS updates."
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
-"Optionnel. Applicable seulement quand ipa_dyndns_update est vrai. Choisit "
+"Facultatif. Applicable seulement quand dyndns_update est vrai. Choisit "
"l'interface dont l'adresse IP sera utilisée pour les mises à jour dynamiques "
"du DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
"emphasis> in their config file."
msgstr ""
+"REMARQUE : Bien qu'il soit toujours possible d'utiliser l'ancienne option "
+"<emphasis>ipa_dyndns_iface</emphasis>, les utilisateurs doivent maintenant "
+"utiliser <emphasis>dyndns_iface</emphasis> dans leur fichier de "
+"configuration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "Par défaut : utilise l'adresse IP de la connexion IPA LDAP"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
-msgstr "ipa_dyndns_update (booléen)"
+msgstr "ipa_enable_dns_sites (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
-msgstr ""
+msgstr "Active les sites DNS - découverte de service basée sur l'emplacement"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -6468,107 +6637,116 @@ msgid ""
"discovery are treated as primary servers and the IPA servers located using "
"the traditional SRV discovery are used as back up servers"
msgstr ""
+"Si true et que la découverte de service (cf. le paragraphe Découverte de "
+"service au bas de la page de manuel) est activée, alors SSSD tentera d'abord "
+"une découverte basée sur l'emplacement en utilisant une requête contenant "
+"« _location.hostname.example.com », puis reviendra à une découverte SRV "
+"traditionnelle. Si la découverte basée sur l'emplacement réussit, les "
+"serveurs IPA ainsi découverts sont traités comme serveurs primaires, et les "
+"serveurs identifiés via la découverte basée sur les enregistrements SRV "
+"seront utilisés comme serveurs de repli"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
-#, fuzzy
-#| msgid "ldap_sudo_smart_refresh_interval (integer)"
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
-msgstr "ldap_sudo_smart_refresh_interval (integer)"
+msgstr "dyndns_refresh_interval (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: loginDisabled"
-msgid "Default: 0 (disabled)"
-msgstr "Par défaut : loginDisabled"
+"Fréquence de mise à jour des DNS par le moteur en plus des mises à jour "
+"automatiques effectuées lorsque le moteur arrive en ligne. Cette option est "
+"facultative, et n'est applicable que lorsque l'option dyndns_update est "
+"configurée à true."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
-msgstr "ipa_dyndns_update (booléen)"
+msgstr "dyndns_update_ptr (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
+"Selon que l'enregistrement PTR doit être explicitement mis à jour lors de la "
+"mise à jour des enregistrements DNS du client. Applicable uniquement lorsque "
+"l'option dyndns_update est configurée à true."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
+#, fuzzy
+#| msgid ""
+#| "This options should be False in most IPA deployments as the IPA server "
+#| "generates the PTR records automatically when forward records are changed."
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
+"Cette option doit être positionnée à False pour la plupart des déploiements "
+"IPA, puisque le serveur IPA crée les enregistrements PTR automatiquement "
+"quand les enregistrements directs sont modifiés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: loginDisabled"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "Par défaut : loginDisabled"
+msgstr "Par défaut : False (désactivé)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
-msgstr "ipa_dyndns_update (booléen)"
+msgstr "dyndns_force_tcp (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
+"Selon que l'utilitaire nsupdate doit utiliser TCP par défaut pour la "
+"communication avec le serveur DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
-msgstr ""
+msgstr "Par défaut : False (laisser nsupdate choisir le protocole)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
"Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets "
"HBAC associés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr "Par défaut : utilise le DN de base"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr "ipa_host_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
"Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger "
"des objets."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
@@ -6577,7 +6755,7 @@ msgstr ""
"configuration des bases de recherche multiples."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -6588,71 +6766,71 @@ msgstr ""
"sera ignoré."
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr "ipa_selinux_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
"Facultatif. Utiliser la chaîne donnée comme base de recherche pour les "
"mappages utilisateur SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr "ipa_subdomains_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
"Facultatif. Utiliser la chaîne donnée comme base de recherche pour les "
"domaines approuvés."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "Par défaut : la valeur de <emphasis>cn=trusts,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr "ipa_master_domain_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
"Facultatif. Utiliser la chaîne donnée comme base de recherche objet de "
"domaine maître."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr "Par défaut : la valeur de <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr "Vérifie avec l'aide de krb5_keytab que le TGT obtenu n'est pas usurpé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -6661,7 +6839,7 @@ msgstr ""
"original."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
@@ -6670,7 +6848,7 @@ msgstr ""
"valeur de <quote>ipa_domain</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
@@ -6679,7 +6857,7 @@ msgstr ""
"convertit en DN de base pour effectuer les opérations LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -6690,12 +6868,12 @@ msgstr ""
"Cette fonctionnalité est disponible avec MIT Kerberos > = 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6706,17 +6884,17 @@ msgstr ""
"beaucoup de requêtes de contrôle d'accès sur une courte période."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr "Par défaut : 5 (secondes)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr "ipa_hbac_selinux (entier)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -6727,12 +6905,12 @@ msgstr ""
"requêtes de connexions utilisateurs sur une courte période."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -6746,7 +6924,7 @@ msgstr ""
"charge les deux modes opératoires pendant cette période de transition :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
@@ -6755,7 +6933,7 @@ msgstr ""
"utilisateur ne pourra se connecter."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
@@ -6764,64 +6942,64 @@ msgstr ""
"Attention avec cette option, elle peut ouvrir des accès imprévus."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr "Par défaut : DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr "ipa_hbac_support_srchost (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr "Si false, srchost tel qu'il figure à SSSD par PAM sera ignoré."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
"Noter que si la valeur <emphasis>False</emphasis>, cette option implique que "
"les filtres donnés en <emphasis>ipa_host_search_base</emphasis> seront "
-"ignoré&nbp;;"
+"ignorés ;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr "ipa_automount_location (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr "L'emplacement à automonter qu'utilisera ce client IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr "Par défaut : Le lieu nommé « default »"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr "ipa_netgroup_member_of (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr "L'attribut LDAP qui répertorie les appartenances aux netgroups."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr "ipa_netgroup_member_user (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
@@ -6830,17 +7008,17 @@ msgstr ""
"membres directs du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr "Par défaut : memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
@@ -6849,17 +7027,17 @@ msgstr ""
"sont membres directs du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr "Par défaut : memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
@@ -6868,77 +7046,77 @@ msgstr ""
"des groupes de systèmes qui appartiennent au groupe réseau."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr "Par défaut : externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr "L'attribut LDAP qui contient le nom de domaine NIS du netgroup."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr "Par défaut : nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr "La classe de l'objet d'une entrée d'hôte dans l'annuaire LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr "Par défaut : ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr "ipa_host_fqdn (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr "L'attribut LDAP qui contient le nom de domaine complet du système."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr "Par défaut : nom de domaine complet"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr "ipa_selinux_usermap_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr "ipa_selinux_usermap_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr "L'attribut LDAP qui contient le nom de SELinux usermap."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr "ipa_selinux_usermap_member_user (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
@@ -6946,12 +7124,12 @@ msgstr ""
"cette règle."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr "ipa_selinux_usermap_member_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
@@ -6960,12 +7138,12 @@ msgstr ""
"cette règle."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr "ipa_selinux_usermap_see_also (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
@@ -6974,32 +7152,32 @@ msgstr ""
"pour la correspondance au lieu de memberUser et memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr "Par défaut : seeAlso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr "ipa_selinux_usermap_selinux_user (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr "L'attribut LDAP qui contient la chaîne utilisateur SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr "Par défaut : ipaSELinuxUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr "ipa_selinux_usermap_enabled (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
@@ -7008,78 +7186,78 @@ msgstr ""
"pour utilisation ou non."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr "Par défaut : ipaEnabledFlag"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr "ipa_selinux_usermap_user_category (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
"L'attribut LDAP qui contient la catégorie utilisateur tels que « all »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr "Par défaut : userCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr "ipa_selinux_usermap_host_category (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr "L'attribut LDAP qui contient la catégorie hôte tels que « all »."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr "Par défaut : hostCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr "ipa_selinux_usermap_uuid (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr "L'attribut LDAP qui contient l'ID unique de la carte de l'utilisateur."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr "Par défaut : ipaUniqueID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr "ipa_host_ssh_public_key (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr "L'attribut LDAP qui contient les clés publiques SSH de l'hôte."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr "Par défaut : ipaSshPubKey"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr "FOURNISSEURS DE SOUS-DOMAINES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
@@ -7088,7 +7266,7 @@ msgstr ""
"configuré explicitement ou implicitement."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -7100,16 +7278,7 @@ msgstr ""
"serveur IPA si nécessaire."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
-#, fuzzy
-#| msgid ""
-#| "If the option 'subdomains_provider' is not set in the domain section of "
-#| "sssd.conf but there is the option 'id_provider = ipa', the IPA subdomains "
-#| "provider is configured implictly. In this case, if a subdomain request "
-#| "fails and indicates that the server does not support subdomains, i.e. is "
-#| "not configured for trusts, the IPA subdomains provider is disabled. After "
-#| "an hour or after the IPA provider goes online, the subdomains provider is "
-#| "enabled again."
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -7120,16 +7289,16 @@ msgid ""
"enabled again."
msgstr ""
"Si l'option « subdomains_provider » n'est pas définie dans la section "
-"domaine de sssd.conf, mais s'il y a l'option « id_provider = ipa », le "
+"domaine de sssd.conf, mais qu'il y a l'option « id_provider = ipa », le "
"fournisseur de sous-domaines IPA est configuré implicitement. Dans ce cas, "
"si une demande de sous-domaine échoue et indique que le serveur ne prend pas "
-"en charge les sous-domaines, c'est-à-dire n'est pas configuré pour les "
-"approbations, le fournisseur de sous-domaines IPA est désactivé. Après une "
-"heure ou après que le fournisseur IPA arrive en ligne, le fournisseur de "
-"sous-domaines est à nouveau activé."
+"en charge les sous-domaines, c'est-à-dire qu'il n'est pas configuré pour les "
+"relations d'approbations, le fournisseur de sous-domaines IPA est désactivé. "
+"Après une heure ou après que le fournisseur IPA arrive en ligne, le "
+"fournisseur de sous-domaines est à nouveau activé."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7140,7 +7309,7 @@ msgstr ""
"exemples montrent seulement les options spécifiques au fournisseur IPA."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -7234,13 +7403,6 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:63
-#, fuzzy
-#| msgid ""
-#| "By default, the AD provider will map UID and GID values from the "
-#| "objectSID parameter in Active Directory. For details on this, see the "
-#| "<quote>ID MAPPING</quote> section below. If you want to disable ID "
-#| "mapping and instead rely on POSIX attributes defined in Active Directory, "
-#| "you should set <placeholder type=\"programlisting\" id=\"0\"/>"
msgid ""
"By default, the AD provider will map UID and GID values from the objectSID "
"parameter in Active Directory. For details on this, see the <quote>ID "
@@ -7256,7 +7418,10 @@ msgstr ""
"D'IDENTIFIANTS</quote> ci-dessous. Si vous souhaitez désactiver la "
"correspondance d'ID et vous appuyer plutôt sur les attributs POSIX définis "
"dans Active Directory, il faut définir <placeholder type=\"programlisting\" "
-"id=\"0\"/>"
+"id=\"0\"/> Les utilisateurs, les groupes et autres objets servis par SSSD "
+"sont toujours traités comme étant insensibles à la casse dans le fournisseur "
+"AD de manière à rester compatible avec la mise en œuvre de LDAP dans Active "
+"Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:86
@@ -7269,8 +7434,8 @@ msgid ""
"Specifies the name of the Active Directory domain. This is optional. If not "
"provided, the configuration domain name is used."
msgstr ""
-"Spécifie le nom du domaine Active Directory. Ceci est optionnel. S'il n'est "
-"pas fourni, le nom de domaine de la configuration est utilisé."
+"Spécifie le nom du domaine Active Directory. Ceci est facultatif. S'il "
+"n'est pas fourni, le nom de domaine de la configuration est utilisé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ad.5.xml:94
@@ -7281,13 +7446,20 @@ msgstr ""
"Pour un fonctionnement correct, cette option doit être le nom long du "
"domaine Active Directory, spécifié en minuscules."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr "ad_server, ad_backup_server (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -7298,18 +7470,18 @@ msgstr ""
"La liste par ordre de préférence séparée par des virgules des adresses IP ou "
"des noms de systèmes des serveurs AD auquel SSSD doit se connecter. Pour "
"plus d'informations sur la redondance de serveurs et le basculement, "
-"consulter la section <quote>BASCULEMENT</quote>. Ceci est optionnel si la "
+"consulter la section <quote>BASCULEMENT</quote>. Ceci est facultatif si la "
"découverte automatique est activée. Pour plus d'informations sur la "
-"découverte de services, se reporter à la section de <quote>DÉCOUVERTE DE "
+"découverte de services, se reporter à la section <quote>DÉCOUVERTE DE "
"SERVICE</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr "ad_hostname (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -7320,7 +7492,7 @@ msgstr ""
"identifier ce système."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
@@ -7330,57 +7502,73 @@ msgstr ""
"publié un fichier keytab."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
-#, fuzzy
-#| msgid "case_sensitive (boolean)"
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
-msgstr "case_sensitive (booléen)"
+msgstr "ad_enable_dns_sites (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
+#, fuzzy
+#| msgid ""
+#| "If true and service discovery (see Service Discovery paragraph at the "
+#| "bottom of the man page) is enabled, the SSSD will first attempt to "
+#| "discover the Active Directory server to connect to using the Active "
+#| "Directory Site Discovery and fall back to the DNS SRV records if no AD "
+#| "site is found."
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
+"Si configuré à true et que la découverte de service (cf. le paragraphe "
+"Découverte de service au bas de la page de manuel) est activée, SSSD tentera "
+"d'abord de découvrir le serveur Active Directory auquel se connecter en "
+"utilisant Active Directory Site Discovery, puis se repliera sur "
+"l'utilisation des enregistrements DNS SRV si aucun site AD n'est trouvé."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
-#, fuzzy
-#| msgid ""
-#| "Optional. This option tells SSSD to automatically update the DNS server "
-#| "built into FreeIPA v2 with the IP address of this client."
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
-"Optionnel. Cette option indique à SSSD de mettre à jour automatiquement le "
-"serveur DNS de FreeIPA avec l'adresse IP du client."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 1200 (seconds)"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Par défaut : 1200 (secondes)"
+msgstr "Par défaut : 3600 (secondes)"
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
#, fuzzy
-#| msgid "krb5_fast_principal (string)"
+#| msgid "Default: Use the IP address of the IPA LDAP connection"
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr "Par défaut : utilise l'adresse IP de la connexion IPA LDAP"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
-msgstr "krb5_fast_principal (chaîne)"
+msgstr "krb5_use_enterprise_principal (booléen)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
+"Indique si le principal de l'utilisateur doit être traité comme un principal "
+"d'entreprise. Cf. la section 5 de la RFC 6806 pour plus de détails sur les "
+"principals d'entreprise."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7391,7 +7579,7 @@ msgstr ""
"exemples montrent seulement les options spécifiques au fournisseur AD."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -7415,7 +7603,7 @@ msgstr ""
"ad_domain = example.com\n"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -7427,7 +7615,7 @@ msgstr ""
"ldap_account_expire_policy = ad\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7562,6 +7750,9 @@ msgid ""
"automatically enabled. The sudo search base is configured to use the compat "
"tree (ou=sudoers,$DC)."
msgstr ""
+"Lorsque SSSD est configuré pour utiliser le fournisseur IPA, le fournisseur "
+"sudo est ajouté automatiquement. La base de recherche de sudo est alors "
+"configurée pour utiliser la branche de compatibilité (ou=sudoers,$DC)."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:99
@@ -8641,15 +8832,11 @@ msgstr "krb5_lifetime (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:322
-#, fuzzy
-#| msgid ""
-#| "Request ticket with a with a lifetime, given as an integer immediately "
-#| "followed by a time unit:"
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
msgstr ""
-"Demande un ticket avec une durée de vie donnée par un entier immédiatement "
+"Demande un ticket avec une durée de vie, donnée par un entier immédiatement "
"suivi par une unité de temps :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
@@ -8676,25 +8863,20 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
-#, fuzzy
-#| msgid "krb5_renew_interval (integer)"
msgid "krb5_renew_interval (string)"
-msgstr "krb5_renew_interval (entier)"
+msgstr "krb5_renew_interval (chaîne)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:357
-#, fuzzy
-#| msgid ""
-#| "The time in seconds between two checks if the TGT should be renewed. TGTs "
-#| "are renewed if about half of their lifetime is exceeded."
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
"immediately followed by a time unit:"
msgstr ""
-"Le temps, en secondes, entre deux vérifications pour savoir si le TGT doit "
+"La durée, en secondes, entre deux vérifications pour savoir si le TGT doit "
"être renouvelé. Les TGT sont renouvelés si environ la moitié de leur durée "
-"de vie est dépassée."
+"de vie est dépassée. Indiquée par un entier immédiatement suivi d'une unité "
+"de temps :"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:384
@@ -8786,9 +8968,9 @@ msgstr ""
"et versions suivantes."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
-msgstr ""
+msgstr "Par défaut : false (AD provide: true)"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
@@ -8807,7 +8989,7 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8820,7 +9002,7 @@ msgstr ""
"et n'inclut aucun fournisseur d'identité."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -9570,8 +9752,8 @@ msgstr ""
"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
"citerefentry> peut être configuré pour l'utiliser en mettant la directive "
"suivante dans <citerefentry><refentrytitle>sshd_config</refentrytitle> "
-"<manvolnum>5</manvolnum></citerefentry>&nbsp;: <placeholder type="
-"\"programlisting\" id=\"0\"/>"
+"<manvolnum>5</manvolnum></citerefentry> : <placeholder type=\"programlisting"
+"\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
#: sss_ssh_authorizedkeys.1.xml:69
@@ -9593,8 +9775,8 @@ msgstr ""
"<citerefentry><refentrytitle>sshd</refentrytitle> <manvolnum>8</manvolnum></"
"citerefentry> peut être configuré pour l'utiliser en utilisant la directive "
"suivante de la configuration de <citerefentry><refentrytitle>sshd</"
-"refentrytitle> <manvolnum>8</manvolnum></citerefentry>&nbsp;: <placeholder "
-"type=\"programlisting\" id=\"0\"/>"
+"refentrytitle> <manvolnum>8</manvolnum></citerefentry> : <placeholder type="
+"\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
#: sss_ssh_authorizedkeys.1.xml:84
@@ -9607,13 +9789,15 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
#: sss_ssh_authorizedkeys.1.xml:93 sss_ssh_knownhostsproxy.1.xml:92
msgid "EXIT STATUS"
-msgstr ""
+msgstr "CODE RETOUR"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:95 sss_ssh_knownhostsproxy.1.xml:94
msgid ""
"In case of success, an exit value of 0 is returned. Otherwise, 1 is returned."
msgstr ""
+"Dans le cas d'un opération achevée avec succès, une valeur de retour de 0 "
+"est renvoyée. Dans le cas contraire, 1 est renvoyé."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
@@ -9690,7 +9874,7 @@ msgstr ""
"<command>sss_ssh_knownhostsproxy</command> pour l'authentication par clés en "
"utilisant les directives suivantes pour la configuration de "
"<citerefentry><refentrytitle>ssh</refentrytitle> <manvolnum>1</manvolnum></"
-"citerefentry>&nbsp;: <placeholder type=\"programlisting\" id=\"0\"/>"
+"citerefentry> : <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term>
#: sss_ssh_knownhostsproxy.1.xml:66
@@ -10242,8 +10426,8 @@ msgid ""
"<emphasis>0x0010</emphasis>: Fatal failures. Anything that would prevent "
"SSSD from starting up or causes it to cease running."
msgstr ""
-"<emphasis>0x0010</emphasis>&nbsp;: défaillances fatales. Tout ce qui "
-"empêcherait SSSD de démarrer ou provoquerait son arrêt."
+"<emphasis>0x0010</emphasis> : défaillances fatales. Tout ce qui empêcherait "
+"SSSD de démarrer ou provoquerait son arrêt."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:15
@@ -10252,9 +10436,9 @@ msgid ""
"the SSSD, but one that indicates that at least one major feature is not "
"going to work properly."
msgstr ""
-"<emphasis>0x0020</emphasis>&nbsp;: échecs critiques. Une erreur qui ne tue "
-"pas SSSD, mais qui indique qu'au moins une caractéristique majeure ne pourra "
-"pas fonctionner correctement."
+"<emphasis>0x0020</emphasis> : échecs critiques. Une erreur qui ne tue pas "
+"SSSD, mais qui indique qu'au moins une caractéristique majeure ne pourra pas "
+"fonctionner correctement."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:20
@@ -10262,8 +10446,8 @@ msgid ""
"<emphasis>0x0040</emphasis>: Serious failures. An error announcing that a "
"particular request or operation has failed."
msgstr ""
-"<emphasis>0x0040</emphasis>&nbsp;: défaillances graves. Une erreur qui "
-"annonce qu'une requête particulière ou une opération a échoué."
+"<emphasis>0x0040</emphasis> : défaillances graves. Une erreur qui annonce "
+"qu'une requête particulière ou une opération a échoué."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:24
@@ -10271,32 +10455,30 @@ msgid ""
"<emphasis>0x0080</emphasis>: Minor failures. These are the errors that would "
"percolate down to cause the operation failure of 2."
msgstr ""
-"<emphasis>0x0080</emphasis>&nbsp;: erreurs mineures. Ce sont les erreurs qui "
+"<emphasis>0x0080</emphasis> : erreurs mineures. Ce sont les erreurs qui "
"seraient susceptibles d'empirer pour provoquer l'erreur en 2."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:28
msgid "<emphasis>0x0100</emphasis>: Configuration settings."
-msgstr "<emphasis>0x0100</emphasis>&nbsp;: paramètres de configuration."
+msgstr "<emphasis>0x0100</emphasis> : paramètres de configuration."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:31
msgid "<emphasis>0x0200</emphasis>: Function data."
-msgstr "<emphasis>0x0200</emphasis>&nbsp;: données de fonctionnement."
+msgstr "<emphasis>0x0200</emphasis> : données de fonctionnement."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:34
msgid "<emphasis>0x0400</emphasis>: Trace messages for operation functions."
-msgstr ""
-"<emphasis>0x0400</emphasis>&nbsp;: traçage des fonctions opérationnelles."
+msgstr "<emphasis>0x0400</emphasis> : traçage des fonctions opérationnelles."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:37
msgid ""
"<emphasis>0x1000</emphasis>: Trace messages for internal control functions."
msgstr ""
-"<emphasis>0x1000</emphasis>&nbsp;: traçage des fonctions de contrôles "
-"internes."
+"<emphasis>0x1000</emphasis> : traçage des fonctions de contrôles internes."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:40
@@ -10304,14 +10486,13 @@ msgid ""
"<emphasis>0x2000</emphasis>: Contents of function-internal variables that "
"may be interesting."
msgstr ""
-"<emphasis>0x2000</emphasis>&nbsp;: contenu des variables internes de "
-"fonctions pouvent être intéressantes."
+"<emphasis>0x2000</emphasis> : contenu des variables internes de fonctions "
+"pouvent être intéressantes."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:43
msgid "<emphasis>0x4000</emphasis>: Extremely low-level tracing information."
-msgstr ""
-"<emphasis>0x4000</emphasis>&nbsp;: informations de traçage de bas niveau."
+msgstr "<emphasis>0x4000</emphasis> : informations de traçage de bas niveau."
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:46
@@ -10320,7 +10501,7 @@ msgid ""
"following examples:"
msgstr ""
"Pour activer les niveaux de débogage requis, il suffit de faire la somme de "
-"l'ensemble des numéros tel qu'illustré dans les exemples suivants&nbsp;:"
+"l'ensemble des numéros tel qu'illustré dans les exemples suivants :"
#. type: Content of: <listitem><para>
#: include/debug_levels.xml:49
@@ -10328,7 +10509,7 @@ msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, critical failures, "
"serious failures and function data use 0x0270."
msgstr ""
-"<emphasis>Exemple</emphasis>&nbsp;: pour suivre erreurs fatales, critiques, "
+"<emphasis>Exemple</emphasis> : pour suivre erreurs fatales, critiques, "
"graves et les données de fonction, utiliser 0x0270."
#. type: Content of: <listitem><para>
@@ -10337,7 +10518,7 @@ msgid ""
"<emphasis>Example</emphasis>: To log fatal failures, configuration settings, "
"function data, trace messages for internal control functions use 0x1310."
msgstr ""
-"<emphasis>Exemple</emphasis>&nbsp;: pour consigner les erreurs fatales, les "
+"<emphasis>Exemple</emphasis> : pour consigner les erreurs fatales, les "
"paramètres de configuration, les données de fonction, les messages de trace "
"pour les fonctions de contrôle interne, utiliser 0x1310."
@@ -10347,9 +10528,9 @@ msgid ""
"<emphasis>Note</emphasis>: This is new format of debug levels introduced in "
"1.7.0. Older format (numbers from 0-10) is compatible but deprecated."
msgstr ""
-"<emphasis>Note</emphasis>&nbsp:: il s'agit d'un nouveau format des niveaux "
-"de débogage introduit dans la version 1.7.0. L'ancien format (nombres de 0 "
-"à 10) est compatible mais déconseillé et voué à disparaître."
+"<emphasis>Note</emphasis> : il s'agit d'un nouveau format des niveaux de "
+"débogage introduit dans la version 1.7.0. L'ancien format (nombres de 0 à "
+"10) est compatible mais déconseillé et voué à disparaître."
#. type: Content of: outside any tag (error?)
#: include/experimental.xml:1
@@ -10600,16 +10781,13 @@ msgstr "Cette option peut aussi être définie pour chaque domaine."
#. type: Content of: <varlistentry><listitem><para><programlisting>
#: include/override_homedir.xml:46
-#, fuzzy, no-wrap
-#| msgid ""
-#| "override_homedir = /home/%u\n"
-#| " "
+#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
" "
msgstr ""
"override_homedir = /home/%u\n"
-" "
+" "
#. type: Content of: <varlistentry><listitem><para>
#: include/override_homedir.xml:50
@@ -10617,60 +10795,31 @@ msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr "Par défaut : Indéfini (SSSD utilisera la valeur récupérée de LDAP)"
#~ msgid ""
-#~ "fallback_homedir = /home/%u\n"
-#~ " "
+#~ "The default <citerefentry> <refentrytitle>printf</refentrytitle> "
+#~ "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
+#~ "how to translate a (name, domain) tuple into a fully qualified name."
+#~ msgstr ""
+#~ "Le format par défaut compatible <citerefentry> <refentrytitle>printf</"
+#~ "refentrytitle> <manvolnum>3</manvolnum> </citerefentry> décrivant la "
+#~ "traduction (nom, domaine) d'un tuple en un domaine pleinement qualifé."
+
+#~ msgid ""
+#~ "Regular expression for this domain that describes how to parse the string "
+#~ "containing user name and domain into these components."
#~ msgstr ""
-#~ "fallback_homedir = /home/%u\n"
-#~ " "
+#~ "Expressions rationnelles qui décrivent la manière d'analyser les chaînes "
+#~ "contenant les informations utilisateur et domaine dans ces composants."
#~ msgid ""
-#~ "The following example illustrates setting up SSSD to download sudo rules "
-#~ "from an IPA server. It is necessary to use the LDAP provider and set "
-#~ "appropriate connection parameters to authenticate correctly against the "
-#~ "IPA server, because SSSD does not have native support of IPA provider for "
-#~ "sudo yet."
+#~ "Optional. This option tells SSSD to automatically update the DNS server "
+#~ "built into FreeIPA v2 with the IP address of this client."
#~ msgstr ""
-#~ "L'exemple suivant illustre le paramétrage de SSSD pour télécharger les "
-#~ "règles sudo depuis un serveur IPA. Il est nécessaire d'utiliser le "
-#~ "fournisseur LDAP et de définir des paramètres de connexion appropriés "
-#~ "afin de s'authentifier correctement sur le serveur IPA, car SSSD ne "
-#~ "possède pas encore de prise en charge native du fournisseur sudo de IPA."
+#~ "Facultatif. Cette option indique à SSSD de mettre à jour automatiquement "
+#~ "le serveur DNS de FreeIPA avec l'adresse IP du client."
#~ msgid ""
-#~ "[sssd]\n"
-#~ "config_file_version = 2\n"
-#~ "services = nss, pam, sudo\n"
-#~ "domains = EXAMPLE\n"
-#~ "\n"
-#~ "[domain/EXAMPLE]\n"
-#~ "id_provider = ipa\n"
-#~ "ipa_domain = example.com\n"
-#~ "ipa_server = ipa.example.com\n"
-#~ "ldap_tls_cacert = /etc/ipa/ca.crt\n"
-#~ "\n"
-#~ "sudo_provider = ldap\n"
-#~ "ldap_uri = ldap://ipa.example.com\n"
-#~ "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
-#~ "ldap_sasl_mech = GSSAPI\n"
-#~ "ldap_sasl_authid = host/hostname.example.com\n"
-#~ "ldap_sasl_realm = EXAMPLE.COM\n"
-#~ "krb5_server = ipa.example.com\n"
+#~ "Optional. This option tells SSSD to automatically update the Active "
+#~ "Directory DNS server with the IP address of this client."
#~ msgstr ""
-#~ "[sssd]\n"
-#~ "config_file_version = 2\n"
-#~ "services = nss, pam, sudo\n"
-#~ "domains = EXAMPLE\n"
-#~ "\n"
-#~ "[domain/EXAMPLE]\n"
-#~ "id_provider = ipa\n"
-#~ "ipa_domain = example.com\n"
-#~ "ipa_server = ipa.example.com\n"
-#~ "ldap_tls_cacert = /etc/ipa/ca.crt\n"
-#~ "\n"
-#~ "sudo_provider = ldap\n"
-#~ "ldap_uri = ldap://ipa.example.com\n"
-#~ "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
-#~ "ldap_sasl_mech = GSSAPI\n"
-#~ "ldap_sasl_authid = host/hostname.example.com\n"
-#~ "ldap_sasl_realm = EXAMPLE.COM\n"
-#~ "krb5_server = ipa.example.com\n"
+#~ "Facultatif. Cette option indique à SSSD de mettre à jour automatiquement "
+#~ "le serveur DNS de Active Directory avec l'adresse IP du client."
diff --git a/src/man/po/ja.po b/src/man/po/ja.po
index 5b81e74a7..e6b9478f8 100644
--- a/src/man/po/ja.po
+++ b/src/man/po/ja.po
@@ -4,15 +4,15 @@
#
# Translators:
# Tadashi "ELF" Jokagi <elf@poyo.jp>, 2012
-# Tomoyuki KATO <tomo@dream.daynight.jp>, 2012
+# Tomoyuki KATO <tomo@dream.daynight.jp>, 2012-2013
# 高一人参 @欠陥遺伝子 <www.carrotsoft@gmail.com>, 2012
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
-"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-07 06:30+0000\n"
+"Last-Translator: Tomoyuki KATO <tomo@dream.daynight.jp>\n"
"Language-Team: Japanese <trans-ja@lists.fedoraproject.org>\n"
"Language: ja\n"
"MIME-Version: 1.0\n"
@@ -230,7 +230,7 @@ msgid "The [sssd] section"
msgstr "[sssd] セクション"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr "セクションのパラメーター"
@@ -273,12 +273,12 @@ msgstr ""
"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -287,7 +287,7 @@ msgstr ""
"める前に試行する回数です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "初期値: 3"
@@ -298,12 +298,6 @@ msgstr "domains"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:114
-#, fuzzy
-#| msgid ""
-#| "A domain is a database containing user information. SSSD can use more "
-#| "domains at the same time, but at least one must be configured or SSSD "
-#| "won't start. This parameter described the list of domains in the order "
-#| "you want them to be queried."
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
@@ -311,12 +305,9 @@ msgid ""
"them to be queried. A domain name should only consist of alphanumeric ASCII "
"characters, dashes and underscores."
msgstr ""
-"ドメインはユーザー情報を含むデータベースです。SSSD は同時に複数のドメインを使"
-"用できますが、少なくとも一つを設定する必要があります。さもなければ SSSD は開"
-"始できません。このパラメーターは検索したいドメインの一覧を表されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr "re_expression (文字列)"
@@ -336,32 +327,87 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (文字列)"
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+#, fuzzy
+#| msgid ""
+#| "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
+#| "<manvolnum>8</manvolnum> </citerefentry> to specify the default "
+#| "permissions on a newly created home directory."
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+"新規に作成されるホームディレクトリーにパーミッションの初期値を指定するために "
+"<citerefentry> <refentrytitle>sss_useradd</refentrytitle> <manvolnum>8</"
+"manvolnum> </citerefentry> により使用されます。"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+#, fuzzy
+#| msgid "username"
+msgid "user name"
+msgstr "username"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+#, fuzzy
+#| msgid ""
+#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id="
+#| "\"0\"/>"
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+"プロキシドメインに対して有効なオプションです。 <placeholder type="
+"\"variablelist\" id=\"0\"/>"
+
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr "try_inotify (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -374,7 +420,7 @@ msgstr ""
"フォールバックします。"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -385,7 +431,7 @@ msgstr ""
"です"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
@@ -394,7 +440,7 @@ msgstr ""
"トフォームにおいては偽です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
@@ -403,12 +449,12 @@ msgstr ""
"ません。これらのプラットフォームにおいては、ポーリングが常に使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr "krb5_rcache_dir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
@@ -417,7 +463,7 @@ msgstr ""
"クトリーです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
@@ -426,7 +472,7 @@ msgstr ""
"よう SSSD に指示する、特別な値 __LIBKRB5_DEFAULTS__ を受け付けます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
@@ -435,12 +481,12 @@ msgstr ""
"ければ __LIBKRB5_DEFAULTS__ です)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -450,15 +496,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -481,12 +527,12 @@ msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr "サービスセクション"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -498,81 +544,82 @@ msgstr ""
"ば、NSS サービスは <quote>[nss]</quote> セクションです"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr "サービス設定の全体オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr "これらのオプションはすべてのサービスを設定するために使用できます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr "debug_level (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr "デバッグメッセージに日時を追加します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr "初期値: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr "デバッグメッセージの日時にマイクロ秒を追加します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr "初期値: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr "timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "初期値: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -582,17 +629,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -603,18 +650,18 @@ msgstr ""
"避けるために制限されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr "初期値: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -624,12 +671,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr "NSS 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -637,12 +684,12 @@ msgstr ""
"きます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -651,17 +698,17 @@ msgstr ""
"要求)。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "初期値: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -672,7 +719,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -687,7 +734,7 @@ msgstr ""
"とをブロックする必要がありません。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -700,17 +747,17 @@ msgstr ""
"(0 はこの機能を無効にします)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr "初期値: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -721,17 +768,17 @@ msgstr ""
"せ)をキャッシュする秒数を指定します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "初期値: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -744,17 +791,17 @@ msgstr ""
"飾名を含めることができます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr "初期値: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -762,12 +809,12 @@ msgstr ""
"ションを偽に設定します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -776,7 +823,7 @@ msgstr ""
"ホームディレクトリーの標準テンプレートを設定します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -784,7 +831,7 @@ msgstr ""
"同じです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -794,22 +841,22 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr "override_shell (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
@@ -818,17 +865,17 @@ msgstr ""
"において全体的またはドメインごとに指定できます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr "allowed_shells (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -836,13 +883,13 @@ msgstr ""
"す:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -851,7 +898,7 @@ msgstr ""
"ば、shell_fallback パラメーターの値を使用します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -860,12 +907,12 @@ msgstr ""
"ば、nologin シェルが使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr "シェルの空文字列は libc にそのまま渡されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -875,27 +922,27 @@ msgstr ""
"ます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr "shell_fallback (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -903,17 +950,17 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr "初期値: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -921,48 +968,48 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "初期値: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr "PAM 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -971,12 +1018,12 @@ msgstr ""
"ために使用できます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -985,17 +1032,17 @@ msgstr ""
"ラインログインの最終成功からの日数)です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr "初期値: 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1003,12 +1050,12 @@ msgstr ""
"認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1017,7 +1064,7 @@ msgstr ""
"渡される分単位の時間です。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1028,17 +1075,17 @@ msgstr ""
"効にできます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr "初期値: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1047,42 +1094,42 @@ msgstr ""
"きいほどメッセージが表示されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr "現在 sssd は以下の値をサポートします:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "初期値: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1092,7 +1139,7 @@ msgstr ""
"されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1105,17 +1152,17 @@ msgstr ""
"アプリケーションごとに)制御します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr "パスワードの期限が切れる前に N 日間警告を表示します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1125,41 +1172,41 @@ msgstr ""
"ことに注意してください。この情報がなければ、sssd は警告を表示します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr "初期値: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr "SUDO 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr "これらのオプションは sudo サービスを設定するために使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr "sudo_timed (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1168,22 +1215,22 @@ msgstr ""
"を評価するかしないかです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr "Autofs 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr "これらのオプションが autofs サービスを設定するために使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1194,51 +1241,51 @@ msgstr ""
"ヒットする秒数を指定します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr "SSH 設定オプション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr "これらのオプションは SSH サービスを設定するために使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr "初期値: 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1250,35 +1297,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1286,12 +1333,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1300,17 +1347,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr "ドメインセクション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1319,7 +1366,7 @@ msgstr ""
"トリーを含む場合、それは無視されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1331,17 +1378,17 @@ msgstr ""
"バーに対して、範囲内にあるものは予期されたものとして報告されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "初期値: min_id は 1, max_id は 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr "enumerate (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1350,23 +1397,23 @@ msgstr ""
"必要があります:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = ユーザーとグループが列挙されます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = このドメインに対して列挙しません"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr "初期値: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1378,7 +1425,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1387,7 +1434,7 @@ msgstr ""
"れが完了するまで結果を返しません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1400,19 +1447,19 @@ msgstr ""
"てください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1421,17 +1468,17 @@ msgstr ""
"数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr "初期値: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1440,18 +1487,18 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr "初期値: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1460,12 +1507,12 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1474,12 +1521,12 @@ msgstr ""
"有効であると考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1488,54 +1535,83 @@ msgstr ""
"考える秒数です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+#, fuzzy
+#| msgid "ldap_sudo_full_refresh_interval (integer)"
+msgid "refresh_expired_interval (integer)"
+msgstr "ldap_sudo_full_refresh_interval (整数)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+#, fuzzy
+#| msgid ""
+#| "Specifies how many seconds SSSD has to wait before refreshing its cache "
+#| "of enumerated records."
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+"SSSD が列挙レコードのキャッシュを更新する前に待つ必要がある秒数を指定します。"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr "cache_credentials (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"ユーザーのクレディンシャルがローカル LDB キャッシュにキャッシュされるかどうか"
"を決めます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"ユーザーのクレディンシャルが、平文ではなく SHA512 ハッシュで保存されます"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1547,17 +1623,17 @@ msgstr ""
"offline_credentials_expiration と同等以上でなければいけません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr "初期値: 0 (無制限)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1566,17 +1642,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "初期値: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr "id_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -1584,17 +1660,17 @@ msgstr ""
"ダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "<quote>local</quote>: ローカルユーザー向け SSSD 内部プロバイダー"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1605,8 +1681,8 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1619,8 +1695,8 @@ msgstr ""
"い。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1631,12 +1707,12 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -1645,7 +1721,7 @@ msgstr ""
"名形式により整形されたように) を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1658,17 +1734,17 @@ msgstr ""
"んが、<command>getent passwd test@LOCAL</command> は見つけられます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1676,12 +1752,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr "auth_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1690,7 +1766,7 @@ msgstr ""
"ダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1701,7 +1777,7 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1712,19 +1788,19 @@ msgstr ""
"manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
"<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> は明示的に認証を無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1733,12 +1809,12 @@ msgstr ""
"ならば、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr "access_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1749,7 +1825,7 @@ msgstr ""
"えます)。内部の特別プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -1758,12 +1834,12 @@ msgstr ""
"ロバイダーのみアクセスが許可されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> は常にアクセスを拒否します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1776,17 +1852,17 @@ msgstr ""
"citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr "初期値: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr "chpass_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1795,7 +1871,7 @@ msgstr ""
"パスワード変更プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1806,7 +1882,7 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1817,7 +1893,7 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
@@ -1825,12 +1901,12 @@ msgstr ""
"します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1839,19 +1915,19 @@ msgstr ""
"うことができるならば、それが使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr "sudo_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー"
"は次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1862,24 +1938,24 @@ msgstr ""
"<manvolnum>5</manvolnum> </citerefentry> を参照します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote> は SUDO を明示的に無効化します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"初期値: <quote>id_provider</quote> の値が設定されていると使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1887,7 +1963,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1895,31 +1971,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1927,17 +2003,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr "autofs_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -1945,7 +2021,7 @@ msgstr ""
"プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1953,7 +2029,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1961,17 +2037,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> は明示的に autofs を無効にします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr "hostid_provider (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -1980,7 +2056,7 @@ msgstr ""
"hostid プロバイダーは次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1988,19 +2064,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> は明示的に hostid を無効にします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2009,29 +2088,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr "username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr "username@domain.name"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr "domain\\username"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2042,7 +2121,7 @@ msgstr ""
"everything after that\" に解釈されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2050,7 +2129,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2059,25 +2138,17 @@ msgstr ""
"Python 構文 (?P&lt;name&gt;) のみをサポートします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "初期値: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2086,46 +2157,46 @@ msgstr ""
"します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr "サポートする値:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr "初期値: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2136,12 +2207,12 @@ msgstr ""
"ドにて操作を継続します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2150,27 +2221,27 @@ msgstr ""
"イン部分を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr "初期値: マシンのホスト名のドメイン部分を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr "override_gid (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr "プライマリー GID の値を指定されたもので上書きします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
@@ -2179,17 +2250,17 @@ msgstr ""
"このオプションはローカルプロバイダーにおいてサポートされません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr "初期値: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2198,22 +2269,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -2223,19 +2294,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
"値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "初期値: <filename>/home/%d/%u</filename>"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+#, fuzzy
+#| msgid "krb5_realm (string)"
+msgid "realmd_tags (string)"
+msgstr "krb5_realm (文字列)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2246,17 +2330,17 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr "中継するプロキシターゲット PAM です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2265,12 +2349,12 @@ msgstr ""
"をここに追加する必要があります。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2281,7 +2365,7 @@ msgstr ""
"_nss_files_getpwent です。"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2290,12 +2374,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr "ローカルドメインのセクション"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2306,27 +2390,27 @@ msgstr ""
"メインに対する設定を含みます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr "default_shell (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr "SSSD ユーザー空間ツールを用いて作成されたユーザーの初期シェルです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr "初期値: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr "base_directory (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2335,17 +2419,17 @@ msgstr ""
"ホームディレクトリーとして使用します。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr "初期値: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr "create_homedir (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2354,17 +2438,17 @@ msgstr ""
"す。コマンドラインにおいて上書きできます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr "初期値: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr "remove_homedir (論理値)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2373,12 +2457,12 @@ msgstr ""
"す。コマンドラインにおいて上書きできます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr "homedir_umask (整数)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2389,17 +2473,17 @@ msgstr ""
"manvolnum> </citerefentry> により使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr "初期値: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr "skel_dir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2412,17 +2496,17 @@ msgstr ""
"を含む、スケルトンディレクトリーです。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr "初期値: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr "mail_dir (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2433,17 +2517,17 @@ msgstr ""
"が使用されます。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr "初期値: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (文字列)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2454,18 +2538,18 @@ msgstr ""
"せん。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr "初期値: なし、コマンドを実行しません"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "例"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2519,7 +2603,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2888,7 +2972,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr "ユーザーのプライマリーグループ ID に対応する LDAP の属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr "初期値: gidNumber"
@@ -2948,7 +3032,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr "LDAP ユーザーオブジェクトの UUID/GUID を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr "初期値: nsUniqueId"
@@ -2967,7 +3051,7 @@ msgstr ""
"ActiveDirectory サーバーに対してのみ必要です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
"初期値: ActiveDirectory の objectSid です、他のサーバーに対して設定sれませ"
@@ -2979,14 +3063,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr "親オブジェクトの最終変更のタイムスタンプを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr "初期値: modifyTimestamp"
@@ -3370,9 +3454,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr "ユーザーの完全名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr "初期値: cn"
@@ -3387,7 +3471,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr "ユーザーのグループメンバーを一覧にする LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr "初期値: memberOf"
@@ -3418,16 +3502,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr "初期値: authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr "ldap_user_authorized_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3438,7 +3530,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
@@ -3447,77 +3539,85 @@ msgstr ""
"索します。最後にすべて許可 (*) が検索されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr "初期値: host"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr "ldap_group_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr "LDAP にあるグループエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr "初期値: posixGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr "ldap_group_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr "グループ名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr "ldap_group_gid_number (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr "グループの ID に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr "ldap_group_member (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr "グループのメンバーの名前を含む LDAP の属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr "初期値: memberuid (rfc2307) / member (rfc2307bis)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr "ldap_group_uuid (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr "LDAP グループオブジェクトの UUID/GUID を含む LDAP の属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr "ldap_group_objectsid (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
@@ -3526,17 +3626,17 @@ msgstr ""
"ActiveDirectory サーバーに対してのみ必要です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr "ldap_group_modify_timestamp (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr "ldap_group_nesting_level (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3547,17 +3647,17 @@ msgstr ""
"のオプションは RFC2307 スキーマにおいて効果がありません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr "初期値: 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr "ldap_groups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3565,14 +3665,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3580,7 +3680,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3589,18 +3689,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr "初期値: 偽"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr "ldap_initgroups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3608,69 +3708,69 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr "ldap_netgroup_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr "LDAP にあるネットワークグループエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
"IPA プロバイダーにおいては ipa_netgroup_object_class が代わりに使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr "初期値: nisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr "ldap_netgroup_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr "ネットワークグループ名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr "IPA プロバイダーにおいては ipa_netgroup_name が代わりに使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr "ldap_netgroup_member (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr "ネットワークグループのメンバーの名前を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
"IPA プロバイダーにおいては ipa_netgroup_member が代わりに使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr "初期値: memberNisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr "ldap_netgroup_triple (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
@@ -3678,107 +3778,107 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr "このオプションは IPA プロバイダーにおいて利用可能ではありません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr "初期値: nisNetgroupTriple"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr "ldap_netgroup_uuid (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
"LDAP ネットワークグループオブジェクトの UUID/GUID を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr "IPA プロバイダーにおいては ipa_netgroup_uuid が代わりに使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr "ldap_service_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr "LDAP にあるサービスエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr "初期値: ipService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr "ldap_service_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr "サービス属性の名前とそのエイリアスを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr "ldap_service_port (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr "このサービスにより管理されるポートを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr "初期値: ipServicePort"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr "ldap_service_proto (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr "このサービスにより認識されるプロトコルを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr "初期値: ipServiceProtocol"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr "ldap_service_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3786,7 +3886,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3797,18 +3897,18 @@ msgstr ""
"かもしれません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "初期値: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr "ldap_enumeration_search_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3816,12 +3916,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3837,12 +3937,12 @@ msgstr ""
"citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3852,12 +3952,12 @@ msgstr ""
"を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr "ldap_connection_expire_timeout (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3866,17 +3966,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr "初期値: 900 (15 分)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr "ldap_page_size (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
@@ -3885,17 +3985,17 @@ msgstr ""
"バーは 1 要求あたりの最大数の制限を強制します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr "初期値: 1000"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr "ldap_disable_paging (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3906,7 +4006,7 @@ msgstr ""
"ことを報告する場合に、このオプションが使用されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
@@ -3916,7 +4016,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3927,12 +4027,34 @@ msgstr ""
"があります。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+#, fuzzy
+#| msgid "ldap_disable_paging (boolean)"
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr "ldap_disable_paging (論理値)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr "ldap_sasl_minssf (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3940,17 +4062,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr "ldap_deref_threshold (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3958,13 +4080,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3973,7 +4095,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3981,12 +4103,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
@@ -3995,7 +4117,7 @@ msgstr ""
"クするものを指定します。以下の値のうち 1 つを指定できます:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -4004,7 +4126,7 @@ msgstr ""
"確認しません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4015,7 +4137,7 @@ msgstr ""
"無視され、セッションが通常通り進められます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4026,7 +4148,7 @@ msgstr ""
"ンが直ちに終了します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -4036,22 +4158,22 @@ msgstr ""
"なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr "初期値: hard"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
@@ -4061,7 +4183,7 @@ msgstr ""
"書を含むファイルを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
@@ -4070,12 +4192,12 @@ msgstr ""
"filename> にあります"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -4088,32 +4210,32 @@ msgstr ""
"ます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr "ldap_tls_cert (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr "クライアントのキーに対する証明書を含むファイルを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr "ldap_tls_key (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr "クライアントのキーを含むファイルを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr "ldap_tls_cipher_suite (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -4124,12 +4246,12 @@ msgstr ""
"<manvolnum>5</manvolnum></citerefentry> を参照してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
@@ -4138,12 +4260,12 @@ msgstr ""
"用する必要がある id_provider 接続を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr "ldap_id_mapping (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -4151,18 +4273,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
"この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
@@ -4171,12 +4293,12 @@ msgstr ""
"れます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -4185,17 +4307,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr "初期値: host/hostname@REALM"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -4203,17 +4325,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
@@ -4222,33 +4344,33 @@ msgstr ""
"するために逆引きを実行します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr "初期値: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "SASL/GSSAPI を使用するときに使用するキーテーブルを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4259,27 +4381,27 @@ msgstr ""
"ます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "GSSAPI が使用されている場合、TGT の有効期間を秒単位で指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr "初期値: 86400 (24 時間)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr "krb5_server, krb5_backup_server (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4291,7 +4413,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4302,7 +4424,7 @@ msgstr ""
"ば _tcp にフォールバックします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4313,27 +4435,27 @@ msgstr ""
"quote> を使用するよう設定ファイルを移行することが推奨されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "(SASL/GSSAPI 認証向け) Kerberos レルムを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
@@ -4342,12 +4464,45 @@ msgstr ""
"します。この機能は MIT Kerberos >= 1.7 で利用可能です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+#, fuzzy
+#| msgid "krb5_canonicalize (boolean)"
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr "krb5_canonicalize (論理値)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+#, fuzzy
+#| msgid ""
+#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry> for more information on configuring LDAP."
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+"<quote>ldap</quote>: LDAP プロバイダー。LDAP の設定に関する詳細は "
+"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
+"manvolnum> </citerefentry> を参照してください。"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4356,7 +4511,7 @@ msgstr ""
"す。以下の値が許容されます:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4365,7 +4520,7 @@ msgstr ""
"ンはサーバー側のパスワードポリシーを無効にできません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -4376,7 +4531,7 @@ msgstr ""
"manvolnum></citerefentry> 形式の属性を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -4387,22 +4542,22 @@ msgstr ""
"とき、これらの属性を更新するために chpass_provider=krb5 を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr "初期値: none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr "自動参照追跡が有効化されるかを指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -4411,7 +4566,7 @@ msgstr ""
"sssd のみが参照追跡をサポートすることに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4420,28 +4575,28 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"サービス検索が有効にされているときに使用するサービスの名前を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr "初期値: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4450,29 +4605,29 @@ msgstr ""
"を検索するために使用するサービスの名前を指定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4483,12 +4638,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr "例:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4500,7 +4655,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -4509,7 +4664,7 @@ msgstr ""
"ンバーに制限されることを意味します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4522,17 +4677,17 @@ msgstr ""
"た同様です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr "初期値: 空白"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4541,7 +4696,7 @@ msgstr ""
"ます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4552,12 +4707,12 @@ msgstr ""
"否します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr "以下の値が許可されます:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -4566,7 +4721,7 @@ msgstr ""
"ldap_user_shadow_expire の値を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4575,7 +4730,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4586,7 +4741,7 @@ msgstr ""
"ldap_ns_account_lock の値を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4598,29 +4753,37 @@ msgstr ""
"ldap_user_nds_login_expiration_time の値が使用されます。どの値もなければ、ア"
"クセスが許可されます。"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -4629,30 +4792,30 @@ msgstr ""
"authorizedService 属性を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr "初期値: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr "値が複数使用されていると設定エラーになることに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr "ldap_deref (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -4661,12 +4824,12 @@ msgstr ""
"ションが許容されます:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -4675,7 +4838,7 @@ msgstr ""
"決されますが、検索のベースオブジェクトの位置を探すときはされません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -4684,7 +4847,7 @@ msgstr ""
"すときのみ参照解決されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -4693,7 +4856,7 @@ msgstr ""
"きも位置を検索するときも参照解決されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -4702,19 +4865,19 @@ msgstr ""
"して取り扱われます)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4725,7 +4888,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4748,57 +4911,57 @@ msgstr ""
"\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr "SUDO オプション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr "LDAP にある sudo ルールエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr "初期値: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "sudo ルール名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr "コマンド名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr "初期値: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -4807,17 +4970,17 @@ msgstr ""
"クグループ)に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr "初期値: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -4826,49 +4989,49 @@ msgstr ""
"る LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr "初期値: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "sudo オプションに対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr "初期値: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr "コマンドを実行するユーザー名に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr "初期値: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -4876,34 +5039,34 @@ msgstr ""
"コマンドを実行するグループ名またはグループの GID に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr "初期値: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr "sudo ルールが有効になる開始日時に対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr "初期値: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
@@ -4912,39 +5075,39 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr "初期値: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "ルールの並び替えインデックスに対応する LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr "初期値: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -4953,17 +5116,17 @@ msgstr ""
"ります"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr "初期値: 21600 (6 時間)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4971,31 +5134,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -5004,15 +5167,15 @@ msgstr ""
"区切り一覧です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -5021,17 +5184,17 @@ msgstr ""
"ならば、このオプションは効果を持ちません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr "初期値: 指定なし"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -5040,7 +5203,7 @@ msgstr ""
"アドレスの空白区切り一覧です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -5048,36 +5211,36 @@ msgstr ""
"このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5089,59 +5252,59 @@ msgstr ""
"refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr "AUTOFS オプション"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr "初期値は RFC2307 の標準スキーマに対応することに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr "LDAP にある automount マップエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr "初期値: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr "LDAP における automount のマップエントリーの名前です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr "初期値: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -5150,17 +5313,17 @@ msgstr ""
"ントと対応します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr "初期値: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5173,32 +5336,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr "高度なオプション"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
@@ -5207,7 +5370,7 @@ msgstr ""
"定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
@@ -5216,7 +5379,7 @@ msgstr ""
"<emphasis>廃止されます</emphasis>。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5226,7 +5389,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
@@ -5235,12 +5398,12 @@ msgstr ""
"制限されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
@@ -5249,7 +5412,7 @@ msgstr ""
"定します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
@@ -5258,17 +5421,17 @@ msgstr ""
"<emphasis>廃止されます</emphasis>。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5279,7 +5442,7 @@ msgstr ""
"さい。 <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5290,7 +5453,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5303,20 +5466,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "注記"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5853,23 +6016,22 @@ msgstr ""
"使用される完全修飾名を反映しないマシンにおいて設定されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
-msgstr "ipa_dyndns_update (論理値)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
-"オプションです。このオプションは FreeIPA v2 の中にこのクライアントの IP アド"
-"レスを組み込む DNS サーバーを自動的に更新するよう SSSD に通知します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
@@ -5879,7 +6041,7 @@ msgstr ""
"要があります"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5887,14 +6049,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
-#, fuzzy
-#| msgid "timeout (integer)"
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
-msgstr "timeout (整数)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5902,7 +6062,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5910,32 +6070,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
-#, fuzzy
-#| msgid "ipa_dyndns_iface (string)"
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
-msgstr "ipa_dyndns_iface (文字列)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
-#, fuzzy
-#| msgid ""
-#| "Optional. Applicable only when ipa_dyndns_update is true. Choose the "
-#| "interface whose IP address should be used for dynamic DNS updates."
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
-"オプションです。ipa_dyndns_update が真のときのみ適用できます。動的 DNS 更新の"
-"ために使用される IP アドレスのインターフェースを選択します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5943,24 +6095,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "初期値: IPA LDAP 接続の IP アドレスを使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
-msgstr "ipa_dyndns_update (論理値)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5972,105 +6122,90 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
-#, fuzzy
-#| msgid "ldap_sudo_smart_refresh_interval (integer)"
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
-msgstr "ldap_sudo_smart_refresh_interval (整数)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: loginDisabled"
-msgid "Default: 0 (disabled)"
-msgstr "初期値: loginDisabled"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
-msgstr "ipa_dyndns_update (論理値)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: loginDisabled"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "初期値: loginDisabled"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
-msgstr "ipa_dyndns_update (論理値)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
"オプションです。与えられた文字列を HBAC 関連オブジェクトに対する検索ベースと"
"して使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr "初期値: ベース DN を使用します"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr "ipa_host_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
"オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し"
"ます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
@@ -6079,7 +6214,7 @@ msgstr ""
"してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -6090,62 +6225,62 @@ msgstr ""
"と、フィルターは無視されます。"
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr "ipa_selinux_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
"オプションです。与えられた文字列を SELinux ユーザーマップに対する検索ベースと"
"して使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr "ipa_subdomains_search_base (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
"オプションです。信頼されたドメインに対する検索ベースとして、与えられた文字列"
"を使用します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "初期値: <emphasis>cn=trusts,%basedn</emphasis> の値"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr "初期値: <emphasis>cn=ad,cn=etc,%basedn</emphasis> の値"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
@@ -6153,7 +6288,7 @@ msgstr ""
"取得された TGT が改ざんされていないかを krb5_keytab の支援で確認します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -6162,7 +6297,7 @@ msgstr ""
"してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
@@ -6171,7 +6306,7 @@ msgstr ""
"quote> の値です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
@@ -6180,7 +6315,7 @@ msgstr ""
"めに使用するベース DN に変換されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -6190,12 +6325,12 @@ msgstr ""
"するかを指定します。この機能は MIT Kerberos >= 1.7 で利用可能です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (整数)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6203,17 +6338,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr "初期値: 5 (秒)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -6221,12 +6356,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -6240,7 +6375,7 @@ msgstr ""
"操作をサポートします:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
@@ -6249,7 +6384,7 @@ msgstr ""
"てのユーザーがアクセスを拒否されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
@@ -6259,17 +6394,17 @@ msgstr ""
"注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr "初期値: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr "ipa_hbac_support_srchost (論理値)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
@@ -6278,7 +6413,7 @@ msgstr ""
"す。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
@@ -6288,37 +6423,37 @@ msgstr ""
"ようになることに注意してください。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr "ipa_automount_location (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr "この IPA クライアントが使用する automounter の場所です"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr "初期値: \"default\" という名前の場所"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr "ipa_netgroup_member_of (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr "ネットワークグループのメンバーを一覧にする LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr "ipa_netgroup_member_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
@@ -6327,17 +6462,17 @@ msgstr ""
"る LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr "初期値: memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
@@ -6346,17 +6481,17 @@ msgstr ""
"LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr "初期値: memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
@@ -6365,100 +6500,100 @@ msgstr ""
"る LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr "初期値: externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr "ネットワークグループの NIS ドメイン名を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr "初期値: nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr "LDAP にあるホストエントリーのオブジェクトクラスです。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr "初期値: ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr "ipa_host_fqdn (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr "ホストの FQDN を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr "初期値: fqdn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr "ipa_selinux_usermap_object_class (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr "ipa_selinux_usermap_name (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr "SELinux ユーザーマップの名前を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr "ipa_selinux_usermap_member_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr "このルールが一致するすべてのユーザー・グループを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr "ipa_selinux_usermap_member_host (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr "このルールが一致するホスト・ホストグループを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr "ipa_selinux_usermap_see_also (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
@@ -6467,32 +6602,32 @@ msgstr ""
"む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr "初期値: seeAlso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr "ipa_selinux_usermap_selinux_user (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr "SELinux ユーザー文字列自身を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr "初期値: ipaSELinuxUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr "ipa_selinux_usermap_enabled (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
@@ -6500,84 +6635,84 @@ msgstr ""
"ユーザーマップが使用するために有効化されているかどうかを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr "初期値: ipaEnabledFlag"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr "ipa_selinux_usermap_user_category (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr "'all' のようなユーザーカテゴリーを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr "初期値: userCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr "ipa_selinux_usermap_host_category (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr "'all' のようなホストカテゴリーを含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr "初期値: hostCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr "ipa_selinux_usermap_uuid (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr "ユーザーマップの一意な ID を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr "初期値: ipaUniqueID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr "ipa_host_ssh_public_key (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr "ホストの SSH 公開鍵を含む LDAP 属性です。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr "初期値: ipaSshPubKey"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -6585,7 +6720,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -6597,7 +6732,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6608,7 +6743,7 @@ msgstr ""
"例は IPA プロバイダー固有のオプションのみを示しています。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -6712,13 +6847,20 @@ msgstr ""
"正しい動作のために、このオプションは Active Directory ドメインの長いバージョ"
"ンの小文字バージョンとして指定されます。"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr "ad_server, ad_backup_server (文字列)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -6728,12 +6870,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr "ad_hostname (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -6743,7 +6885,7 @@ msgstr ""
"全修飾名を反映しないマシンにおいてマシンに設定されるかもしれません。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
@@ -6752,57 +6894,58 @@ msgstr ""
"されます。キーテーブルが発行されたホスト名と一致する必要があります。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
-#, fuzzy
-#| msgid "case_sensitive (boolean)"
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
-msgstr "case_sensitive (論理値)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
-#, fuzzy
-#| msgid ""
-#| "Optional. This option tells SSSD to automatically update the DNS server "
-#| "built into FreeIPA v2 with the IP address of this client."
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
-"オプションです。このオプションは FreeIPA v2 の中にこのクライアントの IP アド"
-"レスを組み込む DNS サーバーを自動的に更新するよう SSSD に通知します。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 5 (seconds)"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "初期値: 5 (秒)"
+msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
#, fuzzy
-#| msgid "krb5_fast_principal (string)"
+#| msgid "Default: Use the IP address of the IPA LDAP connection"
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr "初期値: IPA LDAP 接続の IP アドレスを使用します"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
-msgstr "krb5_fast_principal (文字列)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6813,7 +6956,7 @@ msgstr ""
"AD プロバイダー固有のオプションのみ示してします。"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6837,7 +6980,7 @@ msgstr ""
"ad_domain = example.com\n"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6846,7 +6989,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7929,24 +8072,16 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
-#, fuzzy
-#| msgid "krb5_renew_interval (integer)"
msgid "krb5_renew_interval (string)"
-msgstr "krb5_renew_interval (整数)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:357
-#, fuzzy
-#| msgid ""
-#| "The time in seconds between two checks if the TGT should be renewed. TGTs "
-#| "are renewed if about half of their lifetime is exceeded."
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
"immediately followed by a time unit:"
msgstr ""
-"TGT を更新すべきかを確認する秒単位の間隔。生存期間の半分が超えていると、 TGT "
-"は更新されます。"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:384
@@ -8024,7 +8159,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -8039,7 +8174,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8048,7 +8183,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -8914,7 +9049,7 @@ msgstr ""
#. type: Content of: <refsect1><title>
#: include/service_discovery.xml:2
msgid "SERVICE DISCOVERY"
-msgstr "サービス検索"
+msgstr "サービス探索"
#. type: Content of: <refsect1><para>
#: include/service_discovery.xml:4
@@ -8940,6 +9075,13 @@ msgid ""
"prefers to use service discovery whenever possible, and fall back to a "
"specific server when no servers can be discovered using DNS."
msgstr ""
+"何もサーバーが指定されていなければ、バックエンドがサーバーを見つけようとする"
+"ために、サービス探索を自動的に使用します。オプションとして、サーバーの一覧に"
+"特別なキーワード <quote>_srv_</quote> を挿入することにより、ユーザーが固定"
+"サーバーアドレスおよびサービス探索のどちらも使用することを選択できます。これ"
+"は設定の順番が維持されます。たとえば、ユーザーができる限りサービス探索を使用"
+"し、DNS を使用してサーバーを探索できないときに特定のサーバーにフォールバック"
+"したい場合、この機能は有用です。"
#. type: Content of: <refsect1><refsect2><title>
#: include/service_discovery.xml:23
@@ -9625,16 +9767,11 @@ msgstr "このオプションはドメインごとに設定できます。"
#. type: Content of: <varlistentry><listitem><para><programlisting>
#: include/override_homedir.xml:46
-#, fuzzy, no-wrap
-#| msgid ""
-#| "override_homedir = /home/%u\n"
-#| " "
+#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
" "
msgstr ""
-"override_homedir = /home/%u\n"
-" "
#. type: Content of: <varlistentry><listitem><para>
#: include/override_homedir.xml:50
@@ -9642,47 +9779,8 @@ msgid "Default: Not set (SSSD will use the value retrieved from LDAP)"
msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)"
#~ msgid ""
-#~ "fallback_homedir = /home/%u\n"
-#~ " "
-#~ msgstr ""
-#~ "fallback_homedir = /home/%u\n"
-#~ " "
-
-#~ msgid ""
-#~ "[sssd]\n"
-#~ "config_file_version = 2\n"
-#~ "services = nss, pam, sudo\n"
-#~ "domains = EXAMPLE\n"
-#~ "\n"
-#~ "[domain/EXAMPLE]\n"
-#~ "id_provider = ipa\n"
-#~ "ipa_domain = example.com\n"
-#~ "ipa_server = ipa.example.com\n"
-#~ "ldap_tls_cacert = /etc/ipa/ca.crt\n"
-#~ "\n"
-#~ "sudo_provider = ldap\n"
-#~ "ldap_uri = ldap://ipa.example.com\n"
-#~ "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
-#~ "ldap_sasl_mech = GSSAPI\n"
-#~ "ldap_sasl_authid = host/hostname.example.com\n"
-#~ "ldap_sasl_realm = EXAMPLE.COM\n"
-#~ "krb5_server = ipa.example.com\n"
+#~ "Optional. This option tells SSSD to automatically update the DNS server "
+#~ "built into FreeIPA v2 with the IP address of this client."
#~ msgstr ""
-#~ "[sssd]\n"
-#~ "config_file_version = 2\n"
-#~ "services = nss, pam, sudo\n"
-#~ "domains = EXAMPLE\n"
-#~ "\n"
-#~ "[domain/EXAMPLE]\n"
-#~ "id_provider = ipa\n"
-#~ "ipa_domain = example.com\n"
-#~ "ipa_server = ipa.example.com\n"
-#~ "ldap_tls_cacert = /etc/ipa/ca.crt\n"
-#~ "\n"
-#~ "sudo_provider = ldap\n"
-#~ "ldap_uri = ldap://ipa.example.com\n"
-#~ "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
-#~ "ldap_sasl_mech = GSSAPI\n"
-#~ "ldap_sasl_authid = host/hostname.example.com\n"
-#~ "ldap_sasl_realm = EXAMPLE.COM\n"
-#~ "krb5_server = ipa.example.com\n"
+#~ "オプションです。このオプションは FreeIPA v2 の中にこのクライアントの IP ア"
+#~ "ドレスを組み込む DNS サーバーを自動的に更新するよう SSSD に通知します。"
diff --git a/src/man/po/lv.po b/src/man/po/lv.po
index 3bfabe10b..cf003c26b 100644
--- a/src/man/po/lv.po
+++ b/src/man/po/lv.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Latvian (http://www.transifex.com/projects/p/fedora/language/"
"lv/)\n"
@@ -202,7 +202,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr ""
@@ -239,19 +239,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr ""
@@ -271,7 +271,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr ""
@@ -291,32 +291,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -325,7 +364,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -333,52 +372,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -388,15 +427,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -414,12 +453,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -428,81 +467,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr "noildze (vesels skaitlis)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "Noklusējuma: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -512,17 +552,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -530,18 +570,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr "Noklusējuma: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -551,40 +591,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -592,7 +632,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -602,7 +642,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -611,17 +651,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -629,17 +669,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "Noklusējuma: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -648,41 +688,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -690,112 +730,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -803,96 +843,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Noklusējuma: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr "Noklusējuma: 0 (bez ierobežojuma)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -900,59 +940,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "Noklusējuma: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -960,7 +1000,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -969,17 +1009,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -987,63 +1027,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1051,51 +1091,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1107,35 +1147,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1143,12 +1183,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1157,24 +1197,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1183,40 +1223,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1228,14 +1268,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1244,129 +1284,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1375,17 +1437,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr "Noklusējuma: 0 (neierobežots)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1394,33 +1456,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1428,8 +1490,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1438,8 +1500,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1447,19 +1509,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1468,17 +1530,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1486,19 +1548,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1506,7 +1568,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1514,30 +1576,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1545,19 +1607,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1566,24 +1628,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr "Noklusējuma: <quote>atļaut</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1591,7 +1653,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1599,35 +1661,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1635,23 +1697,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1659,7 +1721,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1667,31 +1729,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1699,23 +1761,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1723,7 +1785,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1731,24 +1793,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1756,19 +1818,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1777,29 +1842,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1807,7 +1872,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1815,74 +1880,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr "Atbalstītās vērtības:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1890,56 +1947,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1948,22 +2005,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -1973,18 +2030,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+msgid "realmd_tags (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1992,29 +2060,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2022,19 +2090,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2042,73 +2110,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Noklusējuma: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2116,17 +2184,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr "Noklusējuma: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2135,17 +2203,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Noklusējuma: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2153,17 +2221,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr "Noklusējuma: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2171,18 +2239,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "PIEMĒRS"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2212,7 +2280,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2553,7 +2621,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2613,7 +2681,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2630,7 +2698,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2640,14 +2708,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr ""
@@ -2984,9 +3052,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -3001,7 +3069,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3027,16 +3095,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3044,101 +3120,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr "Noklusējuma: posixGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3146,17 +3230,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3164,14 +3248,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3179,7 +3263,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3188,18 +3272,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3207,172 +3291,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3380,7 +3464,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3388,18 +3472,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Noklusējuma: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3407,12 +3491,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3423,12 +3507,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3436,12 +3520,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3450,34 +3534,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3485,14 +3569,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3500,12 +3584,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3513,17 +3617,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3531,13 +3635,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3546,7 +3650,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3554,26 +3658,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3581,7 +3685,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3589,7 +3693,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3597,41 +3701,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3640,32 +3744,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3673,24 +3777,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3698,29 +3802,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3729,17 +3833,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3747,49 +3851,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3797,27 +3901,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr "Noklusējuma: 86400 (24 stundas)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3829,7 +3933,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3837,7 +3941,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3845,53 +3949,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3899,7 +4026,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3907,29 +4034,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3938,56 +4065,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr "Noklusējuma: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -3998,12 +4125,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr "Piemērs:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4012,14 +4139,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4028,24 +4155,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4053,19 +4180,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr "Atļautas šādas vērtības:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4074,7 +4201,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4082,7 +4209,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4090,109 +4217,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr "Noklusējuma: filtrēt"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4203,7 +4338,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4221,213 +4356,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4435,106 +4570,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4543,76 +4678,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4621,46 +4756,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr "PAPLAŠINĀTĀS IESPĒJAS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4668,43 +4803,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4712,7 +4847,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4720,7 +4855,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4733,20 +4868,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "PIEZĪMES"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5181,7 +5316,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5189,18 +5324,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5208,14 +5346,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
-#, fuzzy
-#| msgid "timeout (integer)"
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
-msgstr "noildze (vesels skaitlis)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5223,7 +5359,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5231,24 +5367,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5256,22 +5392,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5283,102 +5419,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: 0 (unlimited)"
-msgid "Default: 0 (disabled)"
-msgstr "Noklusējuma: 0 (neierobežots)"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: 0 (unlimited)"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "Noklusējuma: 0 (neierobežots)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5386,86 +5513,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5473,12 +5600,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5486,17 +5613,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5504,12 +5631,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5518,325 +5645,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5844,7 +5971,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5856,7 +5983,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5864,7 +5991,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5960,13 +6087,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -5976,12 +6110,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -5989,54 +6123,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 86400 (24 hours)"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Noklusējuma: 86400 (24 stundas)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6044,7 +6187,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6059,7 +6202,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6068,7 +6211,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7133,7 +7276,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7148,7 +7291,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7157,7 +7300,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/nl.po b/src/man/po/nl.po
index bbba5c0f4..945599a2d 100644
--- a/src/man/po/nl.po
+++ b/src/man/po/nl.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Dutch (http://www.transifex.com/projects/p/fedora/language/"
"nl/)\n"
@@ -230,7 +230,7 @@ msgid "The [sssd] section"
msgstr "De [sssd] sectie"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr "Sectie parameters"
@@ -270,12 +270,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -284,7 +284,7 @@ msgstr ""
"Data Aanbieder crashed of opnieuw start voordat dit opgegeven wordt"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "Standaard: 3"
@@ -295,12 +295,6 @@ msgstr "domeinen"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:114
-#, fuzzy
-#| msgid ""
-#| "A domain is a database containing user information. SSSD can use more "
-#| "domains at the same time, but at least one must be configured or SSSD "
-#| "won't start. This parameter described the list of domains in the order "
-#| "you want them to be queried."
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
@@ -308,13 +302,9 @@ msgid ""
"them to be queried. A domain name should only consist of alphanumeric ASCII "
"characters, dashes and underscores."
msgstr ""
-"Een domein is een databank met gebruikersinformatie. SSSD kan meerdere "
-"domeinen tegelijkertijd gebruiken, maar er moet op zijn minst één domein "
-"geconfigureerd zijn, anders start SSSD niet. Deze parameter omschrijft de "
-"lijst van domeinen in de volgorde die SSSD ze moet aflopen."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr "re_expression (tekst)"
@@ -334,32 +324,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (tekst)"
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr "try_inotify (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -372,7 +401,7 @@ msgstr ""
"kijken of resolv.conf gewijzigd is als er geen inotify beschikbaar is."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -383,7 +412,7 @@ msgstr ""
"gezet worden"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
@@ -392,7 +421,7 @@ msgstr ""
"systemen."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
@@ -402,12 +431,12 @@ msgstr ""
"conf."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
@@ -416,26 +445,26 @@ msgstr ""
"opslaan."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -445,15 +474,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -471,12 +500,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr "SERVICES SECTIE"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -485,81 +514,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr "Algemene service configuratie-opties"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr "Deze opties kunnen gebruikt worden om services te configureren."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr "debug_level (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr "Voeg een tijdstempel toe aan de debugberichten"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr "Standaard: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -569,17 +599,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -587,18 +617,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -608,12 +638,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr "NSS configuratie-opties"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -621,12 +651,12 @@ msgstr ""
"configurere."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -635,17 +665,17 @@ msgstr ""
"over alle gebruikers)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "Standaard: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -653,7 +683,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -663,7 +693,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -672,17 +702,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (numeriek)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -690,17 +720,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -709,41 +739,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -751,112 +781,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -864,96 +894,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -961,59 +991,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1021,7 +1051,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1030,17 +1060,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1048,63 +1078,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr "Standaard: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1112,51 +1142,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1168,35 +1198,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1204,12 +1234,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1218,24 +1248,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1244,40 +1274,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1289,14 +1319,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1305,129 +1335,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1436,17 +1488,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1455,33 +1507,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1489,8 +1541,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1499,8 +1551,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1508,19 +1560,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1529,17 +1581,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1547,19 +1599,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1567,7 +1619,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1575,30 +1627,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1606,19 +1658,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1627,24 +1679,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1652,7 +1704,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1660,35 +1712,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1696,23 +1748,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1720,7 +1772,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1728,31 +1780,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1760,23 +1812,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1784,7 +1836,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1792,24 +1844,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1817,19 +1869,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1838,29 +1893,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1871,7 +1926,7 @@ msgstr ""
"het domein alles daarna\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1879,7 +1934,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -1888,67 +1943,59 @@ msgstr ""
"(?P&lt;name&gt;) om subpatronen aan te geven."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Standaard: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1956,56 +2003,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2014,22 +2061,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -2039,18 +2086,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+#, fuzzy
+#| msgid "re_expression (string)"
+msgid "realmd_tags (string)"
+msgstr "re_expression (tekst)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2058,29 +2118,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2088,19 +2148,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2108,73 +2168,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2182,17 +2242,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2201,17 +2261,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2219,17 +2279,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2237,18 +2297,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2278,7 +2338,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2619,7 +2679,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2679,7 +2739,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2696,7 +2756,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2706,14 +2766,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr ""
@@ -3050,9 +3110,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -3067,7 +3127,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3093,16 +3153,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3110,101 +3178,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3212,17 +3288,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3230,14 +3306,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3245,7 +3321,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3254,18 +3330,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3273,172 +3349,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3446,7 +3522,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3454,18 +3530,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3473,12 +3549,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3489,12 +3565,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3502,12 +3578,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3516,34 +3592,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3551,14 +3627,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3566,12 +3642,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3579,17 +3675,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3597,13 +3693,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3612,7 +3708,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3620,26 +3716,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3647,7 +3743,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3655,7 +3751,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3663,41 +3759,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3706,32 +3802,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3739,24 +3835,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3764,29 +3860,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3795,17 +3891,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3813,49 +3909,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3863,27 +3959,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3895,7 +3991,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3903,7 +3999,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3911,53 +4007,78 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+#, fuzzy
+#| msgid "try_inotify (boolean)"
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr "try_inotify (bool)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3965,7 +4086,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3973,29 +4094,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4004,56 +4125,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4064,12 +4185,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4078,14 +4199,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4094,24 +4215,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4119,19 +4240,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4140,7 +4261,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4148,7 +4269,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4156,109 +4277,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4269,7 +4398,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4287,213 +4416,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4501,106 +4630,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4609,76 +4738,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4687,46 +4816,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4734,43 +4863,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4778,7 +4907,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4786,7 +4915,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4799,20 +4928,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5247,7 +5376,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5255,18 +5384,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5274,14 +5406,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
-#, fuzzy
-#| msgid "debug_level (integer)"
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
-msgstr "debug_level (numeriek)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5289,7 +5419,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5297,24 +5427,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5322,22 +5452,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5349,100 +5479,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: 0"
-msgid "Default: 0 (disabled)"
-msgstr "Standaard: 0"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5450,86 +5573,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5537,12 +5660,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5550,17 +5673,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5568,12 +5691,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5582,325 +5705,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5908,7 +6031,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5920,7 +6043,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5928,7 +6051,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -6024,13 +6147,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -6040,12 +6170,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -6053,54 +6183,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 3"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Standaard: 3"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6108,7 +6247,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6123,7 +6262,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6132,7 +6271,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7112,10 +7251,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
-#, fuzzy
-#| msgid "re_expression (string)"
msgid "krb5_renew_interval (string)"
-msgstr "re_expression (tekst)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:357
@@ -7199,7 +7336,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7214,7 +7351,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7223,7 +7360,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/pt.po b/src/man/po/pt.po
index c901a1a6f..17d593149 100644
--- a/src/man/po/pt.po
+++ b/src/man/po/pt.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Portuguese <trans-pt@lists.fedoraproject.org>\n"
"Language: pt\n"
@@ -224,7 +224,7 @@ msgid "The [sssd] section"
msgstr "A seção [SSSD]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr "Parâmetros de secção"
@@ -265,12 +265,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -279,7 +279,7 @@ msgstr ""
"falha do provedor de dados ou reiniciar antes de eles desistirem"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "Padrão: 3"
@@ -290,12 +290,6 @@ msgstr "domínios"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:114
-#, fuzzy
-#| msgid ""
-#| "A domain is a database containing user information. SSSD can use more "
-#| "domains at the same time, but at least one must be configured or SSSD "
-#| "won't start. This parameter described the list of domains in the order "
-#| "you want them to be queried."
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
@@ -303,13 +297,9 @@ msgid ""
"them to be queried. A domain name should only consist of alphanumeric ASCII "
"characters, dashes and underscores."
msgstr ""
-"Um domínio é uma base de dados contendo informações sobre o utilizador. SSSD "
-"pode usar mais domínios ao mesmo tempo, mas pelo menos uma deve ser "
-"configurada ou o SSSD não será iniciado. Este parâmetro descreve a lista de "
-"domínios na ordem desejada."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr "re_expression (string)"
@@ -329,32 +319,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (string)"
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+#, fuzzy
+#| msgid "realm name"
+msgid "user name"
+msgstr "nome de território"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr "try_inotify (boolean)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -363,7 +394,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -371,52 +402,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr "krb5_rcache_dir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -426,15 +457,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -452,12 +483,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -466,81 +497,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr "Padrão: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr "timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "Padrão: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -550,17 +582,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -568,18 +600,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr "Padrão: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -589,40 +621,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -630,7 +662,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -640,7 +672,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -649,17 +681,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr "Padrão: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -667,17 +699,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -686,41 +718,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -728,112 +760,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr "allowed_shells (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr "shell_fallback (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr "Padrão: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -841,96 +873,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Padrão: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -938,59 +970,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "Padrão: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -998,7 +1030,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1007,17 +1039,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1025,63 +1057,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1089,51 +1121,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1145,35 +1177,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1181,12 +1213,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1195,24 +1227,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr "SECÇÕES DE DOMÍNIO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1221,40 +1253,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr "enumerate (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr "Padrão: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1266,14 +1298,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1282,129 +1314,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr "Padrão: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr "cache_credentials (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1413,17 +1467,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr "Padrão: 0 (ilimitado)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1432,33 +1486,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr "id_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1466,8 +1520,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1476,8 +1530,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1485,19 +1539,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (bool)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1506,17 +1560,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1524,19 +1578,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr "auth_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1544,7 +1598,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1552,30 +1606,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr "access_provider (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1583,19 +1637,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1604,24 +1658,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1629,7 +1683,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1637,35 +1691,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1673,23 +1727,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1697,7 +1751,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1705,31 +1759,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1737,23 +1791,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1761,7 +1815,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1769,24 +1823,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1794,19 +1848,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1815,29 +1872,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1845,7 +1902,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1853,74 +1910,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Default: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr "Default: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1928,56 +1977,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr "override_gid (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr "Padrão: TRUE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1986,22 +2035,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -2011,18 +2060,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+#, fuzzy
+#| msgid "krb5_realm (string)"
+msgid "realmd_tags (string)"
+msgstr "krb5_realm (string)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2030,29 +2092,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2060,19 +2122,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr "A secção de domínio local"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2080,73 +2142,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr "default_shell (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Padrão: <filename>bash/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr "base_directory (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr "Padrão: <filename>/ home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr "create_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr "Padrão: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr "remove_homedir (bool)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr "homedir_umask (integer)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2154,17 +2216,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr "Padrão: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr "skel_dir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2173,17 +2235,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Padrão: <filename>skel/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr "mail_dir (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2191,17 +2253,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr "Padrão: <filename>mail/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (string)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2209,18 +2271,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr "Padrão: None, nenhum comando é executado"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "EXEMPLO"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2274,7 +2336,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2619,7 +2681,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2679,7 +2741,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr "Padrão: nsUniqueId"
@@ -2696,7 +2758,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2706,14 +2768,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr "Padrão: modifyTimestamp"
@@ -3050,9 +3112,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr "Padrão: NC"
@@ -3067,7 +3129,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3093,16 +3155,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr "ldap_user_authorized_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3110,101 +3180,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr "Padrão: host"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3212,17 +3290,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3230,14 +3308,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3245,7 +3323,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3254,18 +3332,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3273,172 +3351,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr "Padrão: nisNetgroupTriple"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr "ldap_netgroup_uuid (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3446,7 +3524,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3454,18 +3532,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Padrão: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3473,12 +3551,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3489,12 +3567,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3502,12 +3580,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3516,34 +3594,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr "ldap_page_size (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr "Padrão: 1000"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3551,14 +3629,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3566,12 +3644,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+#, fuzzy
+#| msgid "ldap_sasl_canonicalize (boolean)"
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr "ldap_sasl_canonicalize (boolean)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3579,17 +3679,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3597,13 +3697,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3612,7 +3712,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3620,19 +3720,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -3641,7 +3741,7 @@ msgstr ""
"qualquer certificado de servidor."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3649,7 +3749,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3657,7 +3757,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3665,41 +3765,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr "Padrão: hard"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3708,32 +3808,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3741,24 +3841,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3766,29 +3866,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3797,17 +3897,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3815,50 +3915,50 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr "Padrão: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3866,27 +3966,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (integer)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr "Padrão: 86400 (24 horas)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3898,7 +3998,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3906,7 +4006,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3914,53 +4014,78 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+#, fuzzy
+#| msgid "krb5_canonicalize (boolean)"
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr "krb5_canonicalize (boolean)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3968,7 +4093,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3976,29 +4101,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr "Padrão: none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4007,56 +4132,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4067,12 +4192,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4081,14 +4206,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4097,24 +4222,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4122,19 +4247,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4143,7 +4268,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4151,7 +4276,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4159,109 +4284,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr "Padrão: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr "ldap_deref (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4272,7 +4405,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4290,213 +4423,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4504,106 +4637,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4612,76 +4745,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4690,46 +4823,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr "OPÇÕES AVANÇADAS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4737,43 +4870,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4781,7 +4914,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4789,7 +4922,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4802,20 +4935,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "NOTAS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5256,28 +5389,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
-msgstr "ipa_dyndns_update (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5285,14 +5419,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
-#, fuzzy
-#| msgid "timeout (integer)"
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
-msgstr "timeout (integer)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5300,7 +5432,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5308,26 +5440,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
-#, fuzzy
-#| msgid "ipa_dyndns_iface (string)"
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
-msgstr "ipa_dyndns_iface (string)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5335,24 +5465,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
-msgstr "ipa_dyndns_update (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5364,108 +5492,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
-#, fuzzy
-#| msgid "krb5_renew_interval (integer)"
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
-msgstr "krb5_renew_interval (integer)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: 0 (unlimited)"
-msgid "Default: 0 (disabled)"
-msgstr "Padrão: 0 (ilimitado)"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
-msgstr "ipa_dyndns_update (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: false"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "Padrão: false"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
-msgstr "ipa_dyndns_update (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr "Default: Use base DN"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5473,86 +5586,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (boolean)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5560,12 +5673,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5573,17 +5686,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5591,12 +5704,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5605,325 +5718,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr "Padrão: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr "Padrão: memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr "Padrão: memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr "Padrão: externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr "Padrão: nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr "Padrão: ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr "ipa_host_fqdn (string)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr "Padrão: fqdn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5931,7 +6044,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5943,7 +6056,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5951,7 +6064,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -6051,13 +6164,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -6067,12 +6187,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -6080,58 +6200,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
-#, fuzzy
-#| msgid "case_sensitive (boolean)"
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
-msgstr "case_sensitive (boolean)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 86400 (24 hours)"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Padrão: 86400 (24 horas)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
-#, fuzzy
-#| msgid "krb5_fast_principal (string)"
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
-msgstr "krb5_fast_principal (string)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6139,7 +6264,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6154,7 +6279,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6163,7 +6288,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7153,10 +7278,8 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
-#, fuzzy
-#| msgid "krb5_renew_interval (integer)"
msgid "krb5_renew_interval (string)"
-msgstr "krb5_renew_interval (integer)"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:357
@@ -7240,7 +7363,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7255,7 +7378,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7264,7 +7387,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/ru.po b/src/man/po/ru.po
index ea3b3e751..3bdef77b2 100644
--- a/src/man/po/ru.po
+++ b/src/man/po/ru.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Russian <trans-ru@lists.fedoraproject.org>\n"
"Language: ru\n"
@@ -201,7 +201,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr ""
@@ -238,19 +238,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr "попыток_соединения (целое число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "По умолчанию: 3"
@@ -270,7 +270,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr ""
@@ -290,32 +290,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -324,7 +363,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -332,52 +371,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -387,15 +426,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -413,12 +452,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -427,81 +466,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr "По умолчанию: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "По умолчанию: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -511,17 +551,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -529,18 +569,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -550,40 +590,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "По умолчанию: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -591,7 +631,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -601,7 +641,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -610,17 +650,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -628,17 +668,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "По умолчанию: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -647,41 +687,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr "По умолчанию: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -689,112 +729,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -802,96 +842,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr "По умолчанию: 0 (неограничено)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -899,59 +939,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr "По умолчанию: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr "В настоящее время sssd поддерживает следующие значения:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "По умолчанию: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -959,7 +999,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -968,17 +1008,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -986,63 +1026,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1050,51 +1090,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1106,35 +1146,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1142,12 +1182,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1156,24 +1196,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1182,40 +1222,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr "По умолчанию: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1227,14 +1267,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1243,129 +1283,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1374,17 +1436,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1393,33 +1455,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1427,8 +1489,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1437,8 +1499,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1446,19 +1508,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1467,17 +1529,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1485,19 +1547,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1505,7 +1567,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1513,30 +1575,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1544,19 +1606,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1565,24 +1627,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1590,7 +1652,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1598,35 +1660,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1634,23 +1696,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1658,7 +1720,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1666,31 +1728,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1698,23 +1760,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1722,7 +1784,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1730,24 +1792,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1755,19 +1817,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1776,29 +1841,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1806,7 +1871,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1814,74 +1879,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "По умолчанию: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr "Поддерживаемые значения:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1889,56 +1946,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr "По умолчанию: использовать доменное имя из hostname"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1947,22 +2004,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -1972,18 +2029,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+msgid "realmd_tags (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1991,29 +2059,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2021,19 +2089,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2041,73 +2109,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr "По умолчанию: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr "По умолчанию: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2115,17 +2183,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr "По умолчанию: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2134,17 +2202,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr "По умолчанию: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2152,17 +2220,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr "По умолчанию: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2170,18 +2238,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "ПРИМЕР"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2211,7 +2279,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2552,7 +2620,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2612,7 +2680,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2629,7 +2697,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2639,14 +2707,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr "По умолчанию: modifyTimestamp"
@@ -2983,9 +3051,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -3000,7 +3068,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3026,16 +3094,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3043,101 +3119,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3145,17 +3229,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3163,14 +3247,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3178,7 +3262,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3187,18 +3271,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3206,172 +3290,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3379,7 +3463,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3387,18 +3471,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3406,12 +3490,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3422,12 +3506,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3435,12 +3519,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3449,34 +3533,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3484,14 +3568,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3499,12 +3583,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3512,17 +3616,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3530,13 +3634,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3545,7 +3649,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3553,26 +3657,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3580,7 +3684,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3588,7 +3692,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3596,41 +3700,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3639,32 +3743,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3672,24 +3776,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3697,29 +3801,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3728,17 +3832,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3746,49 +3850,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3796,27 +3900,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3828,7 +3932,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3836,7 +3940,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3844,53 +3948,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3898,7 +4025,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3906,29 +4033,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3937,56 +4064,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -3997,12 +4124,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4011,14 +4138,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4027,24 +4154,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4052,19 +4179,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4073,7 +4200,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4081,7 +4208,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4089,109 +4216,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4202,7 +4337,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4220,213 +4355,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4434,106 +4569,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4542,76 +4677,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4620,46 +4755,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4667,43 +4802,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4711,7 +4846,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4719,7 +4854,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4732,20 +4867,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5180,7 +5315,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5188,18 +5323,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5207,12 +5345,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5220,7 +5358,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5228,24 +5366,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5253,22 +5391,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5280,102 +5418,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: false"
-msgid "Default: 0 (disabled)"
-msgstr "По умолчанию: false"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: false"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "По умолчанию: false"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5383,86 +5512,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5470,12 +5599,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5483,17 +5612,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5501,12 +5630,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5515,325 +5644,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5841,7 +5970,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5853,7 +5982,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5861,7 +5990,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5957,13 +6086,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -5973,12 +6109,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -5986,54 +6122,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: gecos"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "По умолчанию: gecos"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6041,7 +6186,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6056,7 +6201,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6065,7 +6210,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7130,7 +7275,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7145,7 +7290,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7154,7 +7299,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot
index 40fe25e93..9e64836b0 100644
--- a/src/man/po/sssd-docs.pot
+++ b/src/man/po/sssd-docs.pot
@@ -6,9 +6,9 @@
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: sssd-docs 1.9.92\n"
+"Project-Id-Version: sssd-docs 1.9.94\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -177,7 +177,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr ""
@@ -213,19 +213,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr ""
@@ -245,7 +245,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr ""
@@ -265,32 +265,72 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
+"A <citerefentry> <refentrytitle>printf</refentrytitle> "
"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"how to compose a fully qualified name from user name and domain name "
+"components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -299,7 +339,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -307,52 +347,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at "
"build-time. (__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -362,14 +402,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348 sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282 sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145 include/ldap_id_mapping.xml:156
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383 sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352 sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145 include/ldap_id_mapping.xml:156
msgid "Default: not set"
msgstr ""
@@ -385,12 +425,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -399,74 +439,74 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790 sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043 sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357 sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819 sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196 sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181 sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632 sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396 sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135 sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712 sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431 sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139 sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244 sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -476,17 +516,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -494,17 +534,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562 sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591 sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the "
"<quote>timeout</quote> option), it is first sent the SIGTERM signal that "
@@ -514,41 +554,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) "
"service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -556,7 +596,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -566,7 +606,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -575,17 +615,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -593,17 +633,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set "
@@ -612,39 +652,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid "If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid "The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -652,112 +692,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid "Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in "
"<quote>/etc/shells</quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in "
"<quote>/etc/shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the "
"machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during "
"lookup. This option supersedes any other shell options if it takes effect "
@@ -765,96 +805,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -862,59 +902,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during "
"authentication. The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -922,7 +962,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a "
@@ -932,17 +972,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -950,7 +990,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be "
@@ -958,56 +998,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting "
"<emphasis>pwd_expiration_warning</emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1015,51 +1055,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1071,35 +1111,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
-"parameter."
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, "
+"i.e. the system defaults are used, but can be overwritten with the "
+"default_shell parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1107,12 +1147,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1121,24 +1161,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For "
@@ -1147,39 +1187,39 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165 sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212 sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1191,14 +1231,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1207,128 +1247,150 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006 sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035 sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1337,17 +1399,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1356,34 +1418,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1391,7 +1453,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259 sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306 sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1400,7 +1462,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268 sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315 sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1408,19 +1470,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified "
"names. For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1429,17 +1491,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1447,19 +1509,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1467,7 +1529,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1475,29 +1537,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid "<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1505,19 +1567,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> "
@@ -1526,24 +1588,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> "
@@ -1552,7 +1614,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1560,34 +1622,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid "<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1595,22 +1657,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446 sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493 sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1618,7 +1680,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1627,31 +1689,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1660,22 +1722,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid "The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1683,7 +1745,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> "
@@ -1691,24 +1753,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1717,19 +1779,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: "
"<quote>(((?P&lt;domain&gt;[^\\\\]+)\\\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?P&lt;name&gt;[^@\\\\]+)$))</quote> "
@@ -1737,29 +1802,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1767,7 +1832,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1775,75 +1840,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax "
"(?P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple for this domain into a fully "
-"qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1851,56 +1907,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1909,22 +1965,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -1934,17 +1990,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+msgid "realmd_tags (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid "Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called "
@@ -1953,29 +2019,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -1983,19 +2049,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" "
"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2003,73 +2069,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2077,17 +2143,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2096,17 +2162,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2114,17 +2180,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2132,17 +2198,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131 sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131 sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2172,7 +2238,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2513,7 +2579,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2573,7 +2639,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2590,7 +2656,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2600,14 +2666,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr ""
@@ -2945,7 +3011,7 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940 sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198 sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954 sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268 sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -2960,7 +3026,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -2986,16 +3052,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option "
+"<emphasis>must</emphasis> include <quote>authorized_service</quote> in order "
+"for the ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3003,101 +3077,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option "
+"<emphasis>must</emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups "
"(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD "
@@ -3105,17 +3187,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3123,14 +3205,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3138,7 +3220,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink "
@@ -3147,17 +3229,17 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198 sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212 sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3165,169 +3247,169 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid "The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3335,7 +3417,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3343,17 +3425,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140 sssd-krb5.5.xml:226
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154 sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3361,12 +3443,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> "
@@ -3377,12 +3459,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3390,12 +3472,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3404,34 +3486,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single "
"request. Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3439,7 +3521,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use "
@@ -3447,7 +3529,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3455,12 +3537,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3468,17 +3570,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3486,12 +3588,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid "You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3500,7 +3602,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3508,26 +3610,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3535,7 +3637,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3543,7 +3645,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3551,41 +3653,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in "
"<filename>/etc/openldap/ldap.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3594,32 +3696,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3627,24 +3729,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem "
"class=\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3652,29 +3754,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3684,17 +3786,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3702,49 +3804,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3752,27 +3854,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of "
@@ -3784,7 +3886,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3792,7 +3894,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of "
"SSSD. While the legacy name is recognized for the time being, users are "
@@ -3801,53 +3903,77 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> "
+"</citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> "
+"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> "
+"<manvolnum>8</manvolnum> </citerefentry> manual page for more information on "
+"the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client "
"side. The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use "
"<citerefentry><refentrytitle>shadow</refentrytitle> "
@@ -3856,7 +3982,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3864,29 +3990,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3895,56 +4021,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -3955,12 +4081,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -3969,14 +4095,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -3985,24 +4111,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4010,19 +4136,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4031,7 +4157,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, "
"<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check "
@@ -4039,7 +4165,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4047,109 +4173,117 @@ msgid ""
"allowed. If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option "
+"<emphasis>must</emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4160,7 +4294,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4178,213 +4312,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval "
"</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4392,105 +4526,105 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103 sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173 sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is "
"<emphasis>false</emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4499,76 +4633,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder "
"type=\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" "
@@ -4577,46 +4711,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = "
@@ -4625,43 +4759,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4669,7 +4803,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4677,7 +4811,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4690,17 +4824,17 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744 sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487 include/ldap_id_mapping.xml:63
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748 sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515 include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299 sss_seed.8.xml:163
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311 sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5141,7 +5275,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5149,18 +5283,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old "
"<emphasis>ipa_dyndns_update</emphasis> option, users should migrate to using "
@@ -5168,12 +5305,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5181,7 +5318,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old "
"<emphasis>ipa_dyndns_ttl</emphasis> option, users should migrate to using "
@@ -5189,24 +5326,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old "
"<emphasis>ipa_dyndns_iface</emphasis> option, users should migrate to using "
@@ -5214,22 +5351,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5242,98 +5379,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-msgid "Default: 0 (disabled)"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5341,85 +5473,85 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23 include/ldap_search_bases_experimental.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23 include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5427,12 +5559,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5440,17 +5572,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5458,12 +5590,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5472,324 +5604,324 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid "The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5797,7 +5929,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of "
"sssd.conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5809,7 +5941,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and "
"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
@@ -5817,7 +5949,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5915,13 +6047,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -5931,12 +6070,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -5944,45 +6083,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise "
"principal. See section 5 of RFC 6806 for more details about enterprise "
@@ -5990,7 +6140,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and "
"example.com is one of the domains in the <replaceable>[sssd]</replaceable> "
@@ -5998,7 +6148,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6013,7 +6163,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6022,7 +6172,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7086,7 +7236,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7102,7 +7252,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7111,7 +7261,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/tg.po b/src/man/po/tg.po
index a560758fc..7dd2725f3 100644
--- a/src/man/po/tg.po
+++ b/src/man/po/tg.po
@@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Tajik (http://www.transifex.com/projects/p/fedora/language/"
"tg/)\n"
@@ -200,7 +200,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr ""
@@ -237,19 +237,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "Пешфарз: 3"
@@ -269,7 +269,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr ""
@@ -289,32 +289,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -323,7 +362,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -331,52 +370,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -386,15 +425,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -412,12 +451,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -426,81 +465,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr "Пешфарз: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr "Пешфарз: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "Пешфарз: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -510,17 +550,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -528,18 +568,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -549,40 +589,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "Пешфарз: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -590,7 +630,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -600,7 +640,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -609,17 +649,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr "Пешфарз: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -627,17 +667,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "Пешфарз: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -646,41 +686,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr "Пешфарз: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -688,112 +728,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr "Пешфарз: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -801,96 +841,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr "Пешфарз: 0 (Номаҳдуд)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -898,59 +938,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr "Пешфарз: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "Пешфарз: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -958,7 +998,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -967,17 +1007,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -985,63 +1025,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr "Пешфарз: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1049,51 +1089,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1105,35 +1145,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1141,12 +1181,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1155,24 +1195,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1181,40 +1221,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr "Пешфарз: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1226,14 +1266,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1242,129 +1282,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr "Пешфарз: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1373,17 +1435,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr "Пешфарз: 0 (номаҳдуд)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1392,33 +1454,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1426,8 +1488,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1436,8 +1498,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1445,19 +1507,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1466,17 +1528,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1484,19 +1546,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1504,7 +1566,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1512,30 +1574,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1543,19 +1605,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1564,24 +1626,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1589,7 +1651,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1597,35 +1659,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1633,23 +1695,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1657,7 +1719,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1665,31 +1727,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1697,23 +1759,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1721,7 +1783,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1729,24 +1791,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1754,19 +1816,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1775,29 +1840,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1805,7 +1870,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1813,74 +1878,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1888,56 +1945,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1946,22 +2003,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -1971,18 +2028,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+msgid "realmd_tags (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1990,29 +2058,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2020,19 +2088,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2040,73 +2108,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr "Пешфарз: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2114,17 +2182,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2133,17 +2201,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2151,17 +2219,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2169,18 +2237,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "НАМУНА"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2210,7 +2278,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2551,7 +2619,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2611,7 +2679,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2628,7 +2696,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2638,14 +2706,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr ""
@@ -2982,9 +3050,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -2999,7 +3067,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3025,16 +3093,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3042,101 +3118,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3144,17 +3228,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr "Пешфарз: 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3162,14 +3246,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3177,7 +3261,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3186,18 +3270,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3205,172 +3289,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3378,7 +3462,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3386,18 +3470,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Пешфарз: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3405,12 +3489,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3421,12 +3505,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3434,12 +3518,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3448,34 +3532,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3483,14 +3567,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3498,12 +3582,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3511,17 +3615,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3529,13 +3633,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3544,7 +3648,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3552,26 +3656,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3579,7 +3683,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3587,7 +3691,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3595,41 +3699,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3638,32 +3742,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3671,24 +3775,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3696,29 +3800,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3727,17 +3831,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3745,49 +3849,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr "Пешфарз: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3795,27 +3899,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3827,7 +3931,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3835,7 +3939,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3843,53 +3947,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3897,7 +4024,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3905,29 +4032,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3936,56 +4063,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -3996,12 +4123,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr "Намуна:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4010,14 +4137,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4026,24 +4153,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4051,19 +4178,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4072,7 +4199,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4080,7 +4207,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4088,109 +4215,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4201,7 +4336,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4219,213 +4354,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4433,106 +4568,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4541,76 +4676,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4619,46 +4754,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4666,43 +4801,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4710,7 +4845,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4718,7 +4853,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4731,20 +4866,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "ЭЗОҲҲО"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5179,7 +5314,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5187,18 +5322,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5206,12 +5344,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5219,7 +5357,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5227,24 +5365,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5252,22 +5390,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5279,102 +5417,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: 0 (unlimited)"
-msgid "Default: 0 (disabled)"
-msgstr "Пешфарз: 0 (номаҳдуд)"
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: false"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "Пешфарз: false"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5382,86 +5511,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5469,12 +5598,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5482,17 +5611,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5500,12 +5629,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5514,325 +5643,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5840,7 +5969,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5852,7 +5981,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5860,7 +5989,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5956,13 +6085,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -5972,12 +6108,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -5985,54 +6121,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 0 (unlimited)"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Пешфарз: 0 (номаҳдуд)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6040,7 +6185,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6055,7 +6200,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6064,7 +6209,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7129,7 +7274,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7144,7 +7289,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7153,7 +7298,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
diff --git a/src/man/po/uk.po b/src/man/po/uk.po
index 7483e365e..0623f7752 100644
--- a/src/man/po/uk.po
+++ b/src/man/po/uk.po
@@ -4,14 +4,14 @@
#
# Translators:
# sgallagh <sgallagh@redhat.com>, 2011
-# Yuri Chornoivan <yurchor@ukr.net>, 2011-2012
+# Yuri Chornoivan <yurchor@ukr.net>, 2011-2013
# Yuri Chornoivan <yurchor@ukr.net>, 2013
msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 19:20+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 20:40+0000\n"
"Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n"
"Language-Team: Ukrainian <trans-uk@lists.fedoraproject.org>\n"
"Language: uk\n"
@@ -235,7 +235,7 @@ msgid "The [sssd] section"
msgstr "Розділ [sssd]"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr "Параметри розділу"
@@ -280,12 +280,12 @@ msgstr ""
"\">, pac</phrase>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr "reconnection_retries (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
@@ -295,7 +295,7 @@ msgstr ""
"визнання подальших спроб безнадійними."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "Типове значення: 3"
@@ -306,12 +306,6 @@ msgstr "domains"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
#: sssd.conf.5.xml:114
-#, fuzzy
-#| msgid ""
-#| "A domain is a database containing user information. SSSD can use more "
-#| "domains at the same time, but at least one must be configured or SSSD "
-#| "won't start. This parameter described the list of domains in the order "
-#| "you want them to be queried."
msgid ""
"A domain is a database containing user information. SSSD can use more "
"domains at the same time, but at least one must be configured or SSSD won't "
@@ -323,10 +317,11 @@ msgstr ""
"одночасно використовувати декілька доменів. Вам слід вказати принаймні один "
"домен, інакше SSSD просто не запуститься. За допомогою цього параметра можна "
"вказати список доменів, впорядкованих за пріоритетністю під час надсилання "
-"до них запитів щодо даних."
+"до них запитів щодо даних. Назва домену має складатися лише з літер і цифр "
+"ASCII, дефісів та знаків підкреслювання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr "re_expression (рядок)"
@@ -352,23 +347,76 @@ msgstr ""
"ДОМЕНІВ."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr "full_name_format (рядок)"
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+#, fuzzy
+#| msgid ""
+#| "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+#| "manvolnum> </citerefentry>-compatible format that describes how to "
+#| "translate a (name, domain) tuple for this domain into a fully qualified "
+#| "name."
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+"Формат, сумісний з <citerefentry> <refentrytitle>printf</refentrytitle> "
+"<manvolnum>3</manvolnum> </citerefentry>, який описує спосіб перетворення "
+"кортежу (назва, домен) для цього домену у назву належного формату."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+#, fuzzy
+#| msgid "username"
+msgid "user name"
+msgstr "користувач"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
msgstr ""
-"Типовий формат, сумісний з <citerefentry> <refentrytitle>printf</"
-"refentrytitle> <manvolnum>3</manvolnum> </citerefentry>, який описує спосіб "
-"перетворення кортежу (назва, домен) у назву належного формату."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
+msgid ""
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+#, fuzzy
+#| msgid ""
+#| "Options valid for proxy domains. <placeholder type=\"variablelist\" id="
+#| "\"0\"/>"
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
+msgstr ""
+"Параметри, які є чинними для доменів проксі. <placeholder type="
+"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
@@ -377,12 +425,12 @@ msgstr ""
"про ці рядки можна дізнатися з довідки до РОЗДІЛІВ ДОМЕНІВ."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr "try_inotify (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -395,7 +443,7 @@ msgstr ""
"виконуватиметься опитування resolv.conf кожні п’ять секунд."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -405,7 +453,7 @@ msgstr ""
"рідкісних випадках слід встановити для цього параметра значення «false»."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
@@ -414,7 +462,7 @@ msgstr ""
"інших платформах."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
@@ -424,12 +472,12 @@ msgstr ""
"опитування файла."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr "krb5_rcache_dir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
@@ -438,7 +486,7 @@ msgstr ""
"Kerberos."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
@@ -448,7 +496,7 @@ msgstr ""
"для кешу відтворення."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
@@ -457,12 +505,12 @@ msgstr ""
"(__LIBKRB5_DEFAULTS__, якщо не вказано)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr "default_domain_suffix (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -478,7 +526,7 @@ msgstr ""
"лише імені користувача без додавання до нього назви домену."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
@@ -488,8 +536,8 @@ msgstr ""
"користувач@назва.домену, для входу до системи."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -512,12 +560,12 @@ msgstr ""
"профілів. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr "РОЗДІЛИ СЛУЖБ"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -530,65 +578,66 @@ msgstr ""
"у розділі <quote>[nss]</quote>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr "Загальні параметри налаштування служб"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr "debug_level (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr "debug_timestamps (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr "Додати часову позначку до діагностичних повідомлень."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr "Типове значення: true"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr "debug_microseconds (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
"Додати значення мікросекунд до часової позначки у діагностичних повідомленнях"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr "Типове значення: false"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr "timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
@@ -597,17 +646,17 @@ msgstr ""
"перевірки працездатності процесу та його змоги відповідати на запити."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr "Типове значення: 10"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr "fd_limit"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -623,17 +672,17 @@ msgstr ""
"цього параметра і обмеженням \"hard\" у limits.conf."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr "Типове значення: 8192 (або обмеження у limits.conf \"hard\")"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr "client_idle_timeout"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -645,18 +694,18 @@ msgstr ""
"вичерпання ресурсів системи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr "Типове значення: 60"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr "force_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -672,12 +721,12 @@ msgstr ""
"сигналу SIGKILL."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr "Параметри налаштування NSS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
@@ -685,12 +734,12 @@ msgstr ""
"Switch (NSS або перемикання служби визначення назв)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr "enum_cache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
@@ -699,17 +748,17 @@ msgstr ""
"кеші nss_sss у секундах"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr "Типове значення: 120"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr "entry_cache_nowait_percentage (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -720,7 +769,7 @@ msgstr ""
"entry_cache_timeout для домену період часу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -735,7 +784,7 @@ msgstr ""
"розблокування після оновлення кешу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -749,17 +798,17 @@ msgstr ""
"можливість."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr "Типове значення: 50"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr "entry_negative_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -770,17 +819,17 @@ msgstr ""
"даних, зокрема неіснуючих) перед повторним запитом до сервера обробки."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr "Типове значення: 15"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr "filter_users, filter_groups (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -794,17 +843,17 @@ msgstr ""
"списку користувачами лише з певного домену."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr "Типове значення: root"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr "filter_users_in_groups (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
@@ -812,12 +861,12 @@ msgstr ""
"встановіть для цього параметра значення «false»."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr "fallback_homedir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
@@ -826,7 +875,7 @@ msgstr ""
"каталог не вказано явним чином засобом надання даних домену."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
@@ -834,7 +883,7 @@ msgstr ""
"для параметра override_homedir."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -844,24 +893,24 @@ msgstr ""
" "
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
"Типове значення: не встановлено (без замін для невстановлених домашніх "
"каталогів)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr "override_shell (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
@@ -870,19 +919,19 @@ msgstr ""
"вказати на загальному рівні у розділі [nss] або для кожного з доменів окремо."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
"Типове значення: не встановлено (SSSD використовуватиме значення, отримане "
"від LDAP)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr "allowed_shells (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
@@ -890,13 +939,13 @@ msgstr ""
"визначення оболонки є таким:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
"1. Якщо оболонку вказано у <quote>/etc/shells</quote>, її буде використано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
@@ -906,7 +955,7 @@ msgstr ""
"shell_fallback."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
@@ -915,12 +964,12 @@ msgstr ""
"<quote>/etc/shells</quote>, буде використано оболонку nologin."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr "Порожній рядок оболонки буде передано без обробки до libc."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
@@ -929,29 +978,29 @@ msgstr ""
"тобто у разі встановлення нової оболонки слід перезапустити SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
"Типове значення: не встановлено. Автоматично використовується оболонка "
"користувача."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr "vetoed_shells (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr "Замінити всі записи цих оболонок на shell_fallback"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr "shell_fallback (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
@@ -959,17 +1008,17 @@ msgstr ""
"системі не встановлено."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr "Типове значення: /bin/sh"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr "default_shell"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -982,7 +1031,7 @@ msgstr ""
"окремого домену."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
@@ -992,12 +1041,12 @@ msgstr ""
"зазвичай /bin/sh)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr "get_domains_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
@@ -1006,12 +1055,12 @@ msgstr ""
"чинним."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr "memcache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
@@ -1020,17 +1069,17 @@ msgstr ""
"чинним."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr "Типове значення: 300"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr "Параметри налаштування PAM"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
@@ -1039,12 +1088,12 @@ msgstr ""
"Authentication Module (PAM або блокового модуля розпізнавання)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr "offline_credentials_expiration (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
@@ -1054,17 +1103,17 @@ msgstr ""
"входу до системи)."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr "Типове значення: 0 (без обмежень)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr "offline_failed_login_attempts (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
@@ -1073,12 +1122,12 @@ msgstr ""
"дозволену кількість спроб входу з визначенням помилкового пароля."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr "offline_failed_login_delay (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
@@ -1088,7 +1137,7 @@ msgstr ""
"системи."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -1100,17 +1149,17 @@ msgstr ""
"увімкнути можливість автономного розпізнавання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr "Типове значення: 5"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr "pam_verbosity (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
@@ -1119,43 +1168,43 @@ msgstr ""
"розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr "У поточній версії sssd передбачено підтримку таких значень:"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
"<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані"
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr "Типове значення: 1"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr "pam_id_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -1166,7 +1215,7 @@ msgstr ""
"що розпізнавання виконується на основі найсвіжіших даних."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -1180,18 +1229,18 @@ msgstr ""
"надання даних профілів."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr "pam_pwd_expiration_warning (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
"Показати попередження за вказану кількість днів перед завершенням дії пароля."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1202,7 +1251,7 @@ msgstr ""
"попередження."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
@@ -1212,7 +1261,7 @@ msgstr ""
"буде автоматично показано."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
@@ -1221,27 +1270,27 @@ msgstr ""
"<emphasis>pwd_expiration_warning</emphasis> для окремого домену."
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr "Типове значення: 0"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr "Параметри налаштування SUDO"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr "Цими параметрами можна скористатися для налаштування служби sudo."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr "sudo_timed (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
@@ -1250,22 +1299,22 @@ msgstr ""
"призначені для визначення часових обмежень для записів sudoers."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr "Параметри налаштування AUTOFS"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr "Цими параметрами можна скористатися для налаштування служби autofs."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr "autofs_negative_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1276,22 +1325,22 @@ msgstr ""
"базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки."
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr "Параметри налаштувань SSH"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr "Цими параметрами можна скористатися для налаштування служби SSH."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr "ssh_hash_known_hosts (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
@@ -1299,12 +1348,12 @@ msgstr ""
"Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr "ssh_known_hosts_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
@@ -1313,17 +1362,17 @@ msgstr ""
"файлі known_hosts після надсилання запиту щодо ключів вузла."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr "Типове значення: 180"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr "Параметри налаштування відповідача PAC"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1342,13 +1391,21 @@ msgstr ""
"декодовано і визначено, виконуються деякі з таких дій:"
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
+#, fuzzy
+#| msgid ""
+#| "If the remote user does not exist in the cache, it is created. The uid is "
+#| "calculated based on the SID, trusted domains will have UPGs and the gid "
+#| "will have the same value as the uid. The home directory is set based on "
+#| "the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+#| "the system defaults are used, but can be overwritten with the "
+#| "default_shell parameter."
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
"Якщо у кеші немає даних віддаленого користувача, запис цих даних буде "
@@ -1360,27 +1417,31 @@ msgstr ""
"параметра default_shell."
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
+#, fuzzy
+#| msgid ""
+#| "If there are SIDs of groups from the domain the sssd client belongs to, "
+#| "the user will be added to those groups."
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
"Якщо існують SID груп з домену, до якого належить клієнт SSSD, запис "
"користувача буде додано до цих груп."
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
"Цими параметрами можна скористатися для налаштовування відповідача PAC."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr "allowed_uids (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1391,14 +1452,14 @@ msgstr ""
"іменами користувачів визначатимуться під час запуску."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
"Типове значення: 0 (доступ до відповідача PAC має лише адміністративний "
"користувач (root))"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1412,17 +1473,17 @@ msgstr ""
"запис 0."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr "РОЗДІЛИ ДОМЕНІВ"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr "min_id,max_id (ціле значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
@@ -1431,7 +1492,7 @@ msgstr ""
"відповідає цим обмеженням, його буде проігноровано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1444,17 +1505,17 @@ msgstr ""
"основної групи і належать діапазону, буде виведено у звичайному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr "enumerate (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
@@ -1463,23 +1524,23 @@ msgstr ""
"значень:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr "TRUE = користувачі і групи нумеруються"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr "FALSE = не використовувати нумерацію для цього домену"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr "Типове значення: FALSE"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1498,7 +1559,7 @@ msgstr ""
"повторне визначення параметрів участі також іноді є складним завданням."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
@@ -1508,7 +1569,7 @@ msgstr ""
"завершено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1522,7 +1583,7 @@ msgstr ""
"відповідного використаного засобу обробки ідентифікаторів (id_provider)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
@@ -1531,12 +1592,12 @@ msgstr ""
"об’ємних середовищах."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr "entry_cache_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
@@ -1545,17 +1606,17 @@ msgstr ""
"надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr "Типове значення: 5400"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr "entry_cache_user_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
@@ -1564,18 +1625,18 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr "Типове значення: entry_cache_timeout"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr "entry_cache_group_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
@@ -1584,12 +1645,12 @@ msgstr ""
"ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr "entry_cache_netgroup_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
@@ -1598,12 +1659,12 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr "entry_cache_service_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
@@ -1612,12 +1673,12 @@ msgstr ""
"ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr "entry_cache_sudo_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
@@ -1626,12 +1687,12 @@ msgstr ""
"надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr "entry_cache_autofs_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
@@ -1640,31 +1701,61 @@ msgstr ""
"чинними, перш ніж надсилати повторний запит до сервера"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+#, fuzzy
+#| msgid "dyndns_refresh_interval (integer)"
+msgid "refresh_expired_interval (integer)"
+msgstr "dyndns_refresh_interval (ціле число)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+#, fuzzy
+#| msgid ""
+#| "Specifies how many seconds SSSD has to wait before refreshing its cache "
+#| "of enumerated records."
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+"Визначає кількість секунд, протягом яких SSSD має очікувати до оновлення "
+"свого кешу нумерованих записів."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr "Типове значення: 0 (вимкнено)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr "cache_credentials (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
"Визначає, чи слід також кешувати реєстраційні дані користувача у локальному "
"кеші LDB"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
"Реєстраційні дані користувача зберігаються у форматі хешу SHA512, а не у "
"форматі звичайного тексту"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr "account_cache_expiration (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1677,17 +1768,17 @@ msgstr ""
"offline_credentials_expiration."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr "Типове значення: 0 (без обмежень)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr "pwd_expiration_warning (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1700,17 +1791,17 @@ msgstr ""
"даних розпізнавання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr "id_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
@@ -1718,17 +1809,17 @@ msgstr ""
"Серед підтримуваних засобів такі:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr "«proxy»: підтримка застарілого модуля надання даних NSS"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr "<quote>local</quote>: вбудований засіб SSSD для локальних користувачів"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1739,8 +1830,8 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1753,8 +1844,8 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1766,12 +1857,12 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr "use_fully_qualified_names (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
@@ -1781,7 +1872,7 @@ msgstr ""
"NSS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1794,17 +1885,17 @@ msgstr ""
"не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr "ignore_group_members (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr "Не повертати записи учасників груп для пошуків груп."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1815,12 +1906,12 @@ msgstr ""
"обробки запитів щодо пошуку груп."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr "auth_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
@@ -1829,7 +1920,7 @@ msgstr ""
"служб розпізнавання:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1841,7 +1932,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1853,18 +1944,18 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr "<quote>none</quote> — вимкнути розпізнавання повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
@@ -1873,12 +1964,12 @@ msgstr ""
"спосіб встановлено і можлива обробка запитів щодо розпізнавання."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr "access_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1889,7 +1980,7 @@ msgstr ""
"Вбудованими програмами є:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
@@ -1898,12 +1989,12 @@ msgstr ""
"доступу для локального домену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr "<quote>deny</quote> — завжди забороняти доступ."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1916,17 +2007,17 @@ msgstr ""
"refentrytitle> <manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr "Типове значення: <quote>permit</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr "chpass_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
@@ -1935,7 +2026,7 @@ msgstr ""
"підтримку таких систем зміни паролів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1947,7 +2038,7 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1959,18 +2050,18 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
@@ -1979,19 +2070,19 @@ msgstr ""
"цього параметра і якщо система здатна обробляти запити щодо паролів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr "sudo_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
"Служба SUDO, яку використано для цього домену. Серед підтримуваних служб "
"SUDO:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2003,25 +2094,25 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr "<quote>none</quote> явним чином вимикає SUDO."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
"Типове значення: використовується значення <quote>id_provider</quote>, якщо "
"його встановлено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr "selinux_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -2032,7 +2123,7 @@ msgstr ""
"доступу. Передбачено підтримку таких засобів надання даних SELinux:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2044,14 +2135,14 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
"<quote>none</quote> явним чином забороняє отримання даних щодо параметрів "
"SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
@@ -2060,12 +2151,12 @@ msgstr ""
"спосіб встановлено і можлива обробка запитів щодо завантаження SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr "subdomains_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
@@ -2075,7 +2166,7 @@ msgstr ""
"підтримку таких засобів надання даних піддоменів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2087,17 +2178,17 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr "autofs_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
@@ -2105,7 +2196,7 @@ msgstr ""
"autofs:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2117,7 +2208,7 @@ msgstr ""
"citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -2129,17 +2220,17 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr "<quote>none</quote> вимикає autofs повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr "hostid_provider (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
@@ -2148,7 +2239,7 @@ msgstr ""
"вузла. Серед підтримуваних засобів надання hostid:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -2160,21 +2251,22 @@ msgstr ""
"manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr "<quote>none</quote> вимикає hostid повністю."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
-"Формальний вираз, який описує для цього домену спосіб поділу рядка з іменем "
-"користувача і доменом на його частини."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -2187,22 +2279,22 @@ msgstr ""
"різні стилі запису імен користувачів:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr "користувач"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr "користувач@назва.домену"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr "домен\\користувач"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
@@ -2211,7 +2303,7 @@ msgstr ""
"того, щоб полегшити інтеграцію користувачів з доменів Windows."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -2222,7 +2314,7 @@ msgstr ""
"домену — все після цього символу."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -2234,7 +2326,7 @@ msgstr ""
"платформах з версією libpcre 7."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
@@ -2244,28 +2336,17 @@ msgstr ""
"підшаблонів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-"Формат, сумісний з <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>, який описує спосіб перетворення "
-"кортежу (назва, домен) для цього домену у назву належного формату."
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr "Типове значення: <quote>%1$s@%2$s</quote>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr "lookup_family_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
@@ -2274,48 +2355,48 @@ msgstr ""
"під час виконання пошуків у DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr "Передбачено підтримку таких значень:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
"ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі "
"спробувати формат IPv6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
"ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
"ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі "
"спробувати формат IPv4"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
"ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr "Типове значення: ipv4_first"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr "dns_resolver_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -2326,12 +2407,12 @@ msgstr ""
"очікування буде перевищено, домен продовжуватиме роботу у автономному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr "dns_discovery_domain (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
@@ -2340,28 +2421,28 @@ msgstr ""
"частину запиту визначення служб DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
"Типова поведінка: використовувати назву домену з назви вузла комп’ютера."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr "override_gid (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr "Замірити значення основного GID на вказане."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr "case_sensitive (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
@@ -2370,17 +2451,17 @@ msgstr ""
"версії підтримку передбачено лише для локальних надавачів даних."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr "Типове значення: True"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr "proxy_fast_alias (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -2395,26 +2476,22 @@ msgstr ""
"у кеші, щоб пришвидшити надання результатів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr "subdomain_homedir (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
-msgstr ""
+msgstr "%F"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
-msgstr ""
+msgstr "спрощена (NetBIOS) назва піддомену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
-#, fuzzy
-#| msgid ""
-#| "Use this homedir as default value for all subdomains within this domain. "
-#| "See <emphasis>override_homedir</emphasis> for info about possible values."
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -2424,10 +2501,12 @@ msgid ""
msgstr ""
"Використовувати вказаний домашній каталог як типовий для всіх піддоменів у "
"цьому домені. Дані щодо можливих значень наведено у описі параметра "
-"<emphasis>override_homedir</emphasis>."
+"<emphasis>override_homedir</emphasis>. Крім того, розгортання можна "
+"використовувати лише з <emphasis>subdomain_homedir</emphasis>. <placeholder "
+"type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
@@ -2435,12 +2514,25 @@ msgstr ""
"emphasis>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr "Типове значення: <filename>/home/%d/%u</filename>"
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+#, fuzzy
+#| msgid "krb5_realm (string)"
+msgid "realmd_tags (string)"
+msgstr "krb5_realm (рядок)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -2451,17 +2543,17 @@ msgstr ""
"quote> <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr "proxy_pam_target (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr "Комп’ютер, для якого виконує проксі-сервер PAM."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
@@ -2470,12 +2562,12 @@ msgstr ""
"налаштуваннями pam або створити нові і тут додати назву служби."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr "proxy_lib_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2486,7 +2578,7 @@ msgstr ""
"наприклад _nss_files_getpwent."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
@@ -2495,12 +2587,12 @@ msgstr ""
"\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr "Розділ локального домену"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2511,29 +2603,29 @@ msgstr ""
"використовує <replaceable>id_provider=local</replaceable>."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr "default_shell (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
"Типова оболонка для записів користувачів, створених за допомогою "
"інструментів простору користувачів SSSD."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr "Типове значення: <filename>/bin/bash</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr "base_directory (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
@@ -2542,17 +2634,17 @@ msgstr ""
"replaceable> і використовують отриману адресу як адресу домашнього каталогу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr "Типове значення: <filename>/home</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr "create_homedir (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
@@ -2561,17 +2653,17 @@ msgstr ""
"Може бути перевизначено з командного рядка."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr "Типове значення: TRUE"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr "remove_homedir (булівське значення)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
@@ -2580,12 +2672,12 @@ msgstr ""
"користувачів. Може бути перевизначено з командного рядка."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr "homedir_umask (ціле число)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2596,17 +2688,17 @@ msgstr ""
"до щойно створеного домашнього каталогу."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr "Типове значення: 077"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr "skel_dir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2619,17 +2711,17 @@ msgstr ""
"<manvolnum>8</manvolnum> </citerefentry>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr "Типове значення: <filename>/etc/skel</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr "mail_dir (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2640,17 +2732,17 @@ msgstr ""
"каталог не вказано, буде використано типове значення."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr "Типове значення: <filename>/var/mail</filename>"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr "userdel_cmd (рядок)"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2661,18 +2753,18 @@ msgstr ""
"вилучається. Код виконання, повернутий програмою не обробляється."
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr "Типове значення: None, не виконувати жодних команд"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr "ПРИКЛАД"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2726,7 +2818,7 @@ msgstr ""
"enumerate = False\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -3133,7 +3225,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr "Атрибут LDAP, що відповідає ідентифікатору основної групи користувача."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr "Типове значення: gidNumber"
@@ -3194,7 +3286,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта користувача LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr "Типове значення: nsUniqueId"
@@ -3213,7 +3305,7 @@ msgstr ""
"потрібен лише для серверів ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
"Типове значення: objectSid для ActiveDirectory, не встановлено для інших "
@@ -3225,7 +3317,7 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr "ldap_user_modify_timestamp (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
@@ -3234,7 +3326,7 @@ msgstr ""
"об’єкта."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr "Типове значення: modifyTimestamp"
@@ -3628,9 +3720,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr "Атрибут LDAP, що відповідає повному імені користувача."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr "Типове значення: cn"
@@ -3645,7 +3737,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr "Атрибут LDAP зі списком груп, у яких бере участь користувач."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr "Типове значення: memberOf"
@@ -3676,16 +3768,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr "Типове значення: authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr "ldap_user_authorized_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3696,7 +3796,7 @@ msgstr ""
"доступу."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
@@ -3705,77 +3805,85 @@ msgstr ""
"(host) і нарешті загальні дозволи або allow_all (*)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr "Типове значення: host"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr "ldap_group_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr "Клас об’єктів запису групи у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr "Типове значення: posixGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr "ldap_group_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr "Атрибут LDAP, що відповідає назві групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr "ldap_group_gid_number (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr "Атрибут LDAP, що відповідає ідентифікатору групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr "ldap_group_member (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr "Атрибут LDAP, у якому містяться імена учасників групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr "Типове значення: memberuid (rfc2307) / member (rfc2307bis)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr "ldap_group_uuid (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта групи LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr "ldap_group_objectsid (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
@@ -3784,17 +3892,17 @@ msgstr ""
"лише для серверів ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr "ldap_group_modify_timestamp (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr "ldap_group_nesting_level (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3806,17 +3914,17 @@ msgstr ""
"параметра буде проігноровано, якщо використано схему RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr "Типове значення: 2"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr "ldap_groups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3828,7 +3936,7 @@ msgstr ""
"високим рівнем вкладеності."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
@@ -3837,7 +3945,7 @@ msgstr ""
"можна буде спостерігати лише у дуже складних випадках вкладеності груп."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3848,7 +3956,7 @@ msgstr ""
"можливості. Отже, насправді значення «True» означає «визначити автоматично»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3861,18 +3969,18 @@ msgstr ""
"windows/desktop/aa746475%28v=vs.85%29.aspx\">документації MSDN(TM)</ulink>."
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr "Типове значення: False"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr "ldap_initgroups_use_matching_rule_in_chain"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3885,126 +3993,126 @@ msgstr ""
"вкладеності."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr "ldap_netgroup_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr "Клас об’єктів запису мережевої групи (netgroup) у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr "У надавачі даних IPA має бути використано ipa_netgroup_object_class."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr "Типове значення: nisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr "ldap_netgroup_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr "Атрибут LDAP, що відповідає назві мережевої групи (netgroup)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr "У надавачі даних IPA має бути використано ipa_netgroup_name."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr "ldap_netgroup_member (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
"Атрибут LDAP, у якому містяться імена учасників мережевої групи (netgroup)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr "У надавачі даних IPA має бути використано ipa_netgroup_member."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr "Типове значення: memberNisNetgroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr "ldap_netgroup_triple (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
"Атрибут LDAP, що містить трійки мережевої групи (вузол, користувач, домен)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr "Цим параметром не можна скористатися у надавачі даних IPA."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr "Типове значення: nisNetgroupTriple"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr "ldap_netgroup_uuid (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr "Атрибут LDAP, що містить UUID/GUID об’єкта мережевої групи LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr "У надавачі даних IPA має бути використано ipa_netgroup_uuid."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr "ldap_netgroup_modify_timestamp (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr "ldap_service_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr "Клас об’єктів запису служби у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr "Типове значення: ipService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr "ldap_service_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
@@ -4012,48 +4120,48 @@ msgstr ""
"Атрибут LDAP, що містить назву атрибутів служби та замінників цих атрибутів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr "ldap_service_port (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr "Атрибут LDAP, що містить номер порту, яким керує ця служба."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr "Типове значення: ipServicePort"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr "ldap_service_proto (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr "Атрибут LDAP, що містить протоколи, за яким може працювати ця служба."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr "Типове значення: ipServiceProtocol"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr "ldap_service_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr "ldap_search_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -4064,7 +4172,7 @@ msgstr ""
"автономного режиму роботи)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -4075,18 +4183,18 @@ msgstr ""
"окремих типів пошуків."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr "Типове значення: 6"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr "ldap_enumeration_search_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -4097,12 +4205,12 @@ msgstr ""
"кешованих даних (і переходом до автономного режиму роботи)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr "ldap_network_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -4119,12 +4227,12 @@ msgstr ""
"citerefentry> повертається до стану бездіяльності."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr "ldap_opt_timeout (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -4136,12 +4244,12 @@ msgstr ""
"випадку прив’язки SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr "ldap_connection_expire_timeout (ціле значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -4155,17 +4263,17 @@ msgstr ""
"дії TGT)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr "Типове значення: 900 (15 хвилин)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr "ldap_page_size (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
@@ -4175,17 +4283,17 @@ msgstr ""
"один запит."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr "Типове значення: 1000"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr "ldap_disable_paging (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -4196,7 +4304,7 @@ msgstr ""
"RootDSE, але цю підтримку не увімкнено або вона не працює належним чином."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
@@ -4206,7 +4314,7 @@ msgstr ""
"підтримкою не можна скористатися."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -4217,12 +4325,34 @@ msgstr ""
"це може призвести до відмови у виконанні запитів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+#, fuzzy
+#| msgid "ldap_disable_paging (boolean)"
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr "ldap_disable_paging (булеве значення)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr "ldap_sasl_minssf (ціле значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -4233,19 +4363,19 @@ msgstr ""
"параметра визначається OpenLDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
"Типове значення: типове для системи значення (зазвичай, визначається у ldap."
"conf)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr "ldap_deref_threshold (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -4257,7 +4387,7 @@ msgstr ""
"виконуватиметься окремо."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
@@ -4265,7 +4395,7 @@ msgstr ""
"(розіменуванням), якщо вкажете значення 0."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -4278,7 +4408,7 @@ msgstr ""
"OpenLDAP та Active Directory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -4289,12 +4419,12 @@ msgstr ""
"незалежно від використання цього параметра."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr "ldap_tls_reqcert (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
@@ -4304,7 +4434,7 @@ msgstr ""
"таких значень:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
@@ -4313,7 +4443,7 @@ msgstr ""
"жодних сертифікатів сервера."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4325,7 +4455,7 @@ msgstr ""
"режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -4336,7 +4466,7 @@ msgstr ""
"надано помилковий сертифікат, негайно перервати сеанс."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -4347,22 +4477,22 @@ msgstr ""
"перервати сеанс."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr "Типове значення: hard"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr "ldap_tls_cacert (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
@@ -4371,7 +4501,7 @@ msgstr ""
"розпізнаються <command>sssd</command>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
@@ -4380,12 +4510,12 @@ msgstr ""
"у <filename>/etc/openldap/ldap.conf</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr "ldap_tls_cacertdir (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -4398,32 +4528,32 @@ msgstr ""
"<command>cacertdir_rehash</command>, якщо ця програма є доступною."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr "ldap_tls_cert (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr "Визначає файл, який містить сертифікат для ключа клієнта."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr "ldap_tls_key (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr "Визначає файл, у якому міститься ключ клієнта."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr "ldap_tls_cipher_suite (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -4435,12 +4565,12 @@ msgstr ""
"<manvolnum>5</manvolnum></citerefentry>."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr "ldap_id_use_start_tls (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
@@ -4449,12 +4579,12 @@ msgstr ""
"class=\"protocol\">tls</systemitem> для захисту каналу."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr "ldap_id_mapping (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -4466,19 +4596,19 @@ msgstr ""
"ldap_group_gid_number."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
"У поточній версії у цій можливості передбачено підтримку лише встановлення "
"відповідності objectSID у ActiveDirectory."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr "ldap_sasl_mech (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
@@ -4487,12 +4617,12 @@ msgstr ""
"перевірено і підтримується лише механізм GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr "ldap_sasl_authid (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -4507,17 +4637,17 @@ msgstr ""
"myhost)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr "ldap_sasl_realm (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -4529,17 +4659,17 @@ msgstr ""
"проігноровано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr "Типове значення: значення krb5_realm."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr "ldap_sasl_canonicalize (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
@@ -4549,34 +4679,34 @@ msgstr ""
"SASL."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr "Типове значення: false;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr "ldap_krb5_keytab (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
"Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5."
"keytab</filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr "ldap_krb5_init_creds (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -4587,27 +4717,27 @@ msgstr ""
"механізм GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr "ldap_krb5_ticket_lifetime (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr "Визначає строк дії (у секундах) TGT, якщо використовується GSSAPI."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr "Типове значення: 86400 (24 години)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr "krb5_server, krb5_backup_server (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -4626,7 +4756,7 @@ msgstr ""
"про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -4638,7 +4768,7 @@ msgstr ""
"вдасться знайти."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -4649,29 +4779,29 @@ msgstr ""
"варто перейти на використання «krb5_server» у файлах налаштувань."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr "krb5_realm (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
"Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</"
"filename>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr "krb5_canonicalize (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
@@ -4681,12 +4811,45 @@ msgstr ""
"версії MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+#, fuzzy
+#| msgid "krb5_canonicalize (boolean)"
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr "krb5_canonicalize (булеве значення)"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+#, fuzzy
+#| msgid ""
+#| "<quote>ldap</quote>: LDAP provider. See <citerefentry> "
+#| "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
+#| "citerefentry> for more information on configuring LDAP."
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+"<quote>ldap</quote>: засіб LDAP. Докладніше про налаштовування LDAP можна "
+"дізнатися з довідки до <citerefentry> <refentrytitle>sssd-ldap</"
+"refentrytitle> <manvolnum>5</manvolnum> </citerefentry>."
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr "ldap_pwd_policy (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
@@ -4695,7 +4858,7 @@ msgstr ""
"використовувати такі значення:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
@@ -4704,7 +4867,7 @@ msgstr ""
"разі використання цього варіанта перевірку на боці сервера вимкнено не буде."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -4715,7 +4878,7 @@ msgstr ""
"manvolnum></citerefentry> для визначення того, чи чинним є пароль."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -4726,23 +4889,23 @@ msgstr ""
"скористайтеся chpass_provider=krb5 для оновлення цих атрибутів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr "Типове значення: none"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr "ldap_referrals (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
"Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
@@ -4751,7 +4914,7 @@ msgstr ""
"з версією OpenLDAP 2.4.13 або новішою версією."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -4765,28 +4928,28 @@ msgstr ""
"«false» може значно пришвидшити роботу."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr "ldap_dns_service_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
"Визначає назву служби, яку буде використано у разі вмикання визначення служб."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr "Типове значення: ldap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr "ldap_chpass_dns_service_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
@@ -4795,17 +4958,17 @@ msgstr ""
"уможливлює зміну паролів, у разі вмикання визначення служб."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr "ldap_chpass_update_last_change (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
@@ -4814,12 +4977,12 @@ msgstr ""
"щодо кількості днів з часу виконання дії зі зміни пароля."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr "ldap_access_filter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4837,12 +5000,12 @@ msgstr ""
"скористайтеся параметром access_provider = permit"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr "Приклад:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4854,7 +5017,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
@@ -4862,7 +5025,7 @@ msgstr ""
"У прикладі доступ до вузла обмежено учасниками групи «allowedusers» у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4876,17 +5039,17 @@ msgstr ""
"таких прав не було надано, у автономному режимі їх також не буде надано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr "Типове значення: порожній рядок"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr "ldap_account_expire_policy (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
@@ -4895,7 +5058,7 @@ msgstr ""
"керування доступом на боці клієнта."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4906,12 +5069,12 @@ msgstr ""
"з відповідним кодом помилки, навіть якщо вказано правильний пароль."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr "Можна використовувати такі значення:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
@@ -4920,7 +5083,7 @@ msgstr ""
"визначити, чи завершено строк дії облікового запису."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4933,7 +5096,7 @@ msgstr ""
"Також буде перевірено, чи не вичерпано строк дії облікового запису."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4944,7 +5107,7 @@ msgstr ""
"ldap_ns_account_lock."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4956,31 +5119,39 @@ msgstr ""
"ldap_user_nds_login_expiration_time. Якщо не буде виявлено жодного з цих "
"атрибутів, надати доступ."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr "ldap_access_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
"Список відокремлених комами параметрів керування доступом. Можливі значення "
"списку:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
"<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
@@ -4989,19 +5160,19 @@ msgstr ""
"можливості доступу атрибут authorizedService"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
"<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити "
"права доступу"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr "Типове значення: filter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
@@ -5010,12 +5181,12 @@ msgstr ""
"використано декілька разів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr "ldap_deref (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
@@ -5024,13 +5195,13 @@ msgstr ""
"пошуку. Можливі такі варіанти:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
"<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
@@ -5040,7 +5211,7 @@ msgstr ""
"пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
@@ -5049,7 +5220,7 @@ msgstr ""
"під час визначення місця основного об’єкта пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
@@ -5058,7 +5229,7 @@ msgstr ""
"час пошуку, так і під час визначення місця основного об’єкта пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
@@ -5067,12 +5238,12 @@ msgstr ""
"сценарієм <emphasis>never</emphasis>)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
@@ -5081,7 +5252,7 @@ msgstr ""
"серверів, у яких використовується схема RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -5099,7 +5270,7 @@ msgstr ""
"користувачів за допомогою виклику getpw*() або initgroups()."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -5126,57 +5297,57 @@ msgstr ""
"<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr "ПАРАМЕТРИ SUDO"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr "ldap_sudorule_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr "Клас об’єктів запису правила sudo у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr "Типове значення: sudoRole"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr "ldap_sudorule_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr "Атрибут LDAP, що відповідає назві правила sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr "ldap_sudorule_command (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr "Атрибут LDAP, що відповідає назві команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr "Типове значення: sudoCommand"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr "ldap_sudorule_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
@@ -5185,17 +5356,17 @@ msgstr ""
"вузла, мережевій групі вузла)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr "Типове значення: sudoHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr "ldap_sudorule_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
@@ -5204,32 +5375,32 @@ msgstr ""
"або назві мережевої групи користувача)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr "Типове значення: sudoUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr "ldap_sudorule_option (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr "Атрибут LDAP, що відповідає параметрам sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr "Типове значення: sudoOption"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr "ldap_sudorule_runasuser (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
@@ -5238,17 +5409,17 @@ msgstr ""
"команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr "Типове значення: sudoRunAsUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr "ldap_sudorule_runasgroup (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
@@ -5257,17 +5428,17 @@ msgstr ""
"виконувати команди."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr "Типове значення: sudoRunAsGroup"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr "ldap_sudorule_notbefore (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
@@ -5275,49 +5446,49 @@ msgstr ""
"Атрибут LDAP, що відповідає даті і часу набуття чинності правилом sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr "Типове значення: sudoNotBefore"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr "ldap_sudorule_notafter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr "Атрибут LDAP, що відповідає даті і часу втрати чинності правилом sudo."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr "Типове значення: sudoNotAfter"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr "ldap_sudorule_order (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr "Атрибут LDAP, що відповідає порядковому номеру правила."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr "Типове значення: sudoOrder"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr "ldap_sudo_full_refresh_interval (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
@@ -5327,7 +5498,7 @@ msgstr ""
"набір правил, що зберігаються на сервері."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
@@ -5336,17 +5507,17 @@ msgstr ""
"<emphasis>ldap_sudo_smart_refresh_interval </emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr "Типове значення: 21600 (6 годин)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr "ldap_sudo_smart_refresh_interval (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -5357,7 +5528,7 @@ msgstr ""
"правил, USN яких перевищує найбільше значення USN у кешованих правилах."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
@@ -5366,12 +5537,12 @@ msgstr ""
"дані атрибута modifyTimestamp."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr "ldap_sudo_use_host_filter (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
@@ -5381,12 +5552,12 @@ msgstr ""
"назв вузлів)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr "ldap_sudo_hostnames (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
@@ -5395,7 +5566,7 @@ msgstr ""
"фільтрування списку правил."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
@@ -5404,8 +5575,8 @@ msgstr ""
"назву вузла та повну назву комп’ютера у домені у автоматичному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
@@ -5414,17 +5585,17 @@ msgstr ""
"<emphasis>false</emphasis>, цей параметр ні на що не впливатиме."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr "Типове значення: не вказано"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr "ldap_sudo_ip (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
@@ -5433,7 +5604,7 @@ msgstr ""
"правил."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
@@ -5442,12 +5613,12 @@ msgstr ""
"адресу у автоматичному режимі."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr "ldap_sudo_include_netgroups (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
@@ -5456,12 +5627,12 @@ msgstr ""
"мережеву групу (netgroup) у атрибуті sudoHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr "ldap_sudo_include_regexp (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
@@ -5470,12 +5641,12 @@ msgstr ""
"заміни у атрибуті sudoHost."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr "<placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -5488,12 +5659,12 @@ msgstr ""
"refentrytitle><manvolnum>5</manvolnum> </citerefentry>."
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr "ПАРАМЕТРИ AUTOFS"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
@@ -5502,47 +5673,47 @@ msgstr ""
"визначено у RFC2307."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr "ldap_autofs_map_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr "Клас об’єктів запису карти автоматичного монтування у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr "Типове значення: automountMap"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr "ldap_autofs_map_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr "Назва запису карти автоматичного монтування у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr "Типове значення: ou"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr "ldap_autofs_entry_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr "ldap_autofs_entry_key (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
@@ -5551,17 +5722,17 @@ msgstr ""
"точні монтування."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr "ldap_autofs_entry_value (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr "Типове значення: automountInformation"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -5574,32 +5745,32 @@ msgstr ""
"\"variablelist\" id=\"4\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr "ДОДАТКОВІ ПАРАМЕТРИ"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr "ldap_netgroup_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr "ldap_user_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr "ldap_group_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr "ldap_user_search_filter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
@@ -5608,7 +5779,7 @@ msgstr ""
"фільтрування LDAP, яким буде обмежено пошук користувачів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
@@ -5617,7 +5788,7 @@ msgstr ""
"використовувати синтаксичні конструкції з ldap_user_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -5627,7 +5798,7 @@ msgstr ""
" "
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
@@ -5636,12 +5807,12 @@ msgstr ""
"яких встановлено командну оболонку /bin/tcsh."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr "ldap_group_search_filter (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
@@ -5650,7 +5821,7 @@ msgstr ""
"фільтрування LDAP, яким буде обмежено пошук груп."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
@@ -5659,17 +5830,17 @@ msgstr ""
"використовувати синтаксичні конструкції з ldap_group_search_base."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr "ldap_sudo_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr "ldap_autofs_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -5680,7 +5851,7 @@ msgstr ""
"відомі наслідки ваших дій. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -5691,7 +5862,7 @@ msgstr ""
"<replaceable>[domains]</replaceable>."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -5711,20 +5882,20 @@ msgstr ""
" cache_credentials = true\n"
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr "<placeholder type=\"programlisting\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr "ЗАУВАЖЕННЯ"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -6309,24 +6480,22 @@ msgstr ""
"цього вузла."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
-msgstr "ipa_dyndns_update (булеве значення)"
+msgstr "dyndns_update (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
-"Необов’язковий. За допомогою цього параметра можна наказати SSSD автоматично "
-"оновлювати на сервері DNS, вбудованому до FreeIPA версії 2, IP-адресу цього "
-"клієнтського комп’ютера."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
@@ -6336,97 +6505,91 @@ msgstr ""
"у /etc/krb5.conf"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
"emphasis> in their config file."
msgstr ""
+"ЗАУВАЖЕННЯ: хоча можна використовувати і попередню назву параметра, "
+"<emphasis>ipa_dyndns_update</emphasis>, користувачам слід переходити на нову "
+"назву, <emphasis>dyndns_update</emphasis>, у файлі налаштувань."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
-#, fuzzy
-#| msgid "ipa_dyndns_ttl (integer)"
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
-msgstr "ipa_dyndns_ttl (ціле число)"
+msgstr "dyndns_ttl (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
-#, fuzzy
-#| msgid ""
-#| "The TTL to apply to the client DNS record when updating it. If "
-#| "ipa_dyndns_update is false this has no effect. This will override the TTL "
-#| "serverside if set by an administrator."
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
"serverside if set by an administrator."
msgstr ""
"TTL, до якого буде застосовано клієнтський запис DNS під час його оновлення. "
-"Якщо ipa_dyndns_update має значення false, цей параметр буде проігноровано. "
+"Якщо dyndns_update має значення false, цей параметр буде проігноровано. "
"Перевизначає TTL на боці сервера, якщо встановлено адміністратором."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
"emphasis> in their config file."
msgstr ""
+"ЗАУВАЖЕННЯ: хоча можна використовувати і попередню назву параметра, "
+"<emphasis>ipa_dyndns_ttl</emphasis>, користувачам слід переходити на нову "
+"назву, <emphasis>dyndns_ttl</emphasis>, у файлі налаштувань."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr "Типове значення: 1200 (секунд)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
-#, fuzzy
-#| msgid "ipa_dyndns_iface (string)"
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
-msgstr "ipa_dyndns_iface (рядок)"
+msgstr "dyndns_iface (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
-#, fuzzy
-#| msgid ""
-#| "Optional. Applicable only when ipa_dyndns_update is true. Choose the "
-#| "interface whose IP address should be used for dynamic DNS updates."
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
-"Необов’язковий. Застосовний лише тоді, коли ipa_dyndns_update має значення "
-"true. Визначити інтерфейс, чию адресу IP має бути використано для динамічних "
+"Необов’язковий. Застосовний лише тоді, коли dyndns_update має значення true. "
+"Визначити інтерфейс, чию адресу IP має бути використано для динамічних "
"оновлень DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
"emphasis> in their config file."
msgstr ""
+"ЗАУВАЖЕННЯ: хоча можна використовувати і попередню назву параметра, "
+"<emphasis>ipa_dyndns_iface</emphasis>, користувачам слід переходити на нову "
+"назву, <emphasis>dyndns_iface</emphasis>, у файлі налаштувань."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr "Типове значення: використовувати IP-адресу з’єднання LDAP IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
-msgstr "ipa_dyndns_update (булеве значення)"
+msgstr "ipa_enable_dns_sites (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
-msgstr ""
+msgstr "Вмикає сайти DNS — визначення служб на основі адрес."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -6436,106 +6599,114 @@ msgid ""
"discovery are treated as primary servers and the IPA servers located using "
"the traditional SRV discovery are used as back up servers"
msgstr ""
+"Якщо вказано значення true і увімкнено визначення служб (див. розділ щодо "
+"пошуку служб у нижній частині сторінки підручника (man)), SSSD спочатку "
+"спробує визначення на основі адрес за допомогою запиту, що містить "
+"\"_location.hostname.example.com\", а потім повертається до традиційного "
+"визначення SRV. Якщо визначення на основі адреси буде успішним, сервери IPA, "
+"виявлені на основі визначення за адресою, вважатимуться основним серверами, "
+"а сервери IPA, виявлені за допомогою традиційного визначення SRV, "
+"вважатимуться резервними серверами."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
-#, fuzzy
-#| msgid "ldap_sudo_smart_refresh_interval (integer)"
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
-msgstr "ldap_sudo_smart_refresh_interval (ціле число)"
+msgstr "dyndns_refresh_interval (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-#, fuzzy
-#| msgid "Default: loginDisabled"
-msgid "Default: 0 (disabled)"
-msgstr "Типове значення: loginDisabled"
+"Визначає, наскільки часто серверний модуль має виконувати періодичні "
+"оновлення DNS на додачу до автоматичного оновлення, яке виконується під час "
+"кожного встановлення з’єднання серверного модуля з мережею. Цей параметр не "
+"є обов’язкоми, його застосовують, лише якщо dyndns_update має значення true."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
-msgstr "ipa_dyndns_update (булеве значення)"
+msgstr "dyndns_update_ptr (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
+"Визначає, чи слід явним чином оновлювати запис PTR під час оновлення записів "
+"DNS клієнта. Застосовується, лише якщо значенням dyndns_update буде true."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
+#, fuzzy
+#| msgid ""
+#| "This options should be False in most IPA deployments as the IPA server "
+#| "generates the PTR records automatically when forward records are changed."
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
+"Значенням цього параметра у більшості розгорнутих систем IPA має бути False, "
+"оскільки сервер IPA створює записи PTR автоматично після зміни у записах "
+"переспрямовування."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
-#, fuzzy
-#| msgid "Default: loginDisabled"
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
-msgstr "Типове значення: loginDisabled"
+msgstr "Типове значення: False (вимкнено)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
-#, fuzzy
-#| msgid "ipa_dyndns_update (boolean)"
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
-msgstr "ipa_dyndns_update (булеве значення)"
+msgstr "dyndns_force_tcp (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
+"Визначає, чи слід у програмі nsupdate типово використовувати TCP для обміну "
+"даними з сервером DNS."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
-msgstr ""
+msgstr "Типове значення: False (надати змогу nsupdate вибирати протокол)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr "ipa_hbac_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку пов’язаних з "
"HBAC об’єктів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr "Типове значення: використання базової назви домену"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr "ipa_host_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
@@ -6544,7 +6715,7 @@ msgstr ""
"налаштування декількох основ пошуку."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -6555,64 +6726,64 @@ msgstr ""
"проігноровано."
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr "ipa_selinux_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку карт "
"користувачів SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr "ipa_subdomains_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку надійних доменів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr "Типове значення: значення <emphasis>cn=trusts,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr "ipa_master_domain_search_base (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
"Необов’язковий. Використати вказаний рядок як основу пошуку основного "
"об’єкта домену."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
"Типове значення: значення виразу <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr "krb5_validate (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
@@ -6620,7 +6791,7 @@ msgstr ""
"Перевірити за допомогою krb5_keytab, чи не було підмінено отриманий TGT."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
@@ -6629,7 +6800,7 @@ msgstr ""
"модуля Kerberos."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
@@ -6638,7 +6809,7 @@ msgstr ""
"«ipa_domain»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
@@ -6647,7 +6818,7 @@ msgstr ""
"перетворено у основний DN для виконання дій LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -6658,12 +6829,12 @@ msgstr ""
"запитів AS. Цю можливість передбачено з версії MIT Kerberos >= 1.7"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr "ipa_hbac_refresh (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -6674,17 +6845,17 @@ msgstr ""
"короткого періоду часу надходить багато запитів щодо керування доступом."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr "Типове значення: 5 (секунд)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr "ipa_hbac_selinux (ціле число)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -6696,12 +6867,12 @@ msgstr ""
"користувача до системи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr "ipa_hbac_treat_deny_as (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -6715,7 +6886,7 @@ msgstr ""
"періоду передбачено два режими обробки таких правил:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
@@ -6724,7 +6895,7 @@ msgstr ""
"DENY, всім користувачам доступ буде заборонено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
@@ -6734,17 +6905,17 @@ msgstr ""
"небажаним користувачам."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr "Типове значення: DENY_ALL"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr "ipa_hbac_support_srchost (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
@@ -6753,7 +6924,7 @@ msgstr ""
"даних PAM, буде проігноровано."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
@@ -6763,38 +6934,38 @@ msgstr ""
"буде проігноровано;"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr "ipa_automount_location (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
"Адреса автоматичного монтування, яку буде використовувати цей клієнт IPA"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr "Типове значення: адреса з назвою \"default\""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr "ipa_netgroup_member_of (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr "Атрибут LDAP зі списком учасників мережевої групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr "ipa_netgroup_member_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
@@ -6803,17 +6974,17 @@ msgstr ""
"учасниками мережевої групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr "Типове значення: memberUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr "ipa_netgroup_member_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
@@ -6822,17 +6993,17 @@ msgstr ""
"учасниками мережевої групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr "Типове значення: memberHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr "ipa_netgroup_member_ext_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
@@ -6841,78 +7012,78 @@ msgstr ""
"мережевої групи."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr "Типове значення: externalHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr "ipa_netgroup_domain (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
"Атрибут LDAP, у якому міститься доменна назва NIS мережевої групи (netgroup)."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr "Типове значення: nisDomainName"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr "ipa_host_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr "Клас об’єктів запису вузла у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr "Типове значення: ipaHost"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr "ipa_host_fqdn (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr "Атрибут LDAP, що містить FQDN вузла."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr "Типове значення: fqdn"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr "ipa_selinux_usermap_object_class (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr "ipa_selinux_usermap_name (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr "Атрибут LDAP, що містить назву карти користувачів SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr "ipa_selinux_usermap_member_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
@@ -6920,12 +7091,12 @@ msgstr ""
"правило."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr "ipa_selinux_usermap_member_host (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
@@ -6934,12 +7105,12 @@ msgstr ""
"це правило."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr "ipa_selinux_usermap_see_also (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
@@ -6948,32 +7119,32 @@ msgstr ""
"для встановлення відповідності замість memberUser і memberHost."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr "Типове значення: seeAlso"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr "ipa_selinux_usermap_selinux_user (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr "Атрибут LDAP, який містить сам рядок користувача SELinux."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr "Типове значення: ipaSELinuxUser"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr "ipa_selinux_usermap_enabled (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
@@ -6982,77 +7153,77 @@ msgstr ""
"користувачів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr "Типове значення: ipaEnabledFlag"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr "ipa_selinux_usermap_user_category (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr "Атрибут LDAP, що містить категорію користувачів, зокрема 'all'."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr "Типове значення: userCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr "ipa_selinux_usermap_host_category (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr "Атрибут LDAP, що містить категорію вузлів, зокрема 'all'."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr "Типове значення: hostCategory"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr "ipa_selinux_usermap_uuid (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr "Атрибут LDAP, що містить унікальний ідентифікатор карти користувачів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr "Типове значення: ipaUniqueID"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr "ipa_host_ssh_public_key (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr "Атрибут LDAP, який містить відкриті ключі SSH вузла."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr "Типове значення: ipaSshPubKey"
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr "СЛУЖБА ПІДДОМЕНІВ"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
@@ -7061,7 +7232,7 @@ msgstr ""
"спосіб його налаштовано: явний чи неявний."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -7073,16 +7244,7 @@ msgstr ""
"якщо це потрібно."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
-#, fuzzy
-#| msgid ""
-#| "If the option 'subdomains_provider' is not set in the domain section of "
-#| "sssd.conf but there is the option 'id_provider = ipa', the IPA subdomains "
-#| "provider is configured implictly. In this case, if a subdomain request "
-#| "fails and indicates that the server does not support subdomains, i.e. is "
-#| "not configured for trusts, the IPA subdomains provider is disabled. After "
-#| "an hour or after the IPA provider goes online, the subdomains provider is "
-#| "enabled again."
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -7092,7 +7254,7 @@ msgid ""
"hour or after the IPA provider goes online, the subdomains provider is "
"enabled again."
msgstr ""
-"Якщо у розділі домену sssd.conf не встановлено параметр "
+"Якщо у розділі домену sssdconf не встановлено параметр "
"«subdomains_provider», але встановлено параметр «id_provider = ipa», "
"інструмент надання даних піддоменів IPA налаштовано неявним чином. У цьому "
"випадку спроба запиту щодо піддомену зазнає невдачі і вказуватиме на те, що "
@@ -7102,7 +7264,7 @@ msgstr ""
"даних піддоменів буде знову увімкнено."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7114,7 +7276,7 @@ msgstr ""
"ipa."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -7209,13 +7371,6 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-ad.5.xml:63
-#, fuzzy
-#| msgid ""
-#| "By default, the AD provider will map UID and GID values from the "
-#| "objectSID parameter in Active Directory. For details on this, see the "
-#| "<quote>ID MAPPING</quote> section below. If you want to disable ID "
-#| "mapping and instead rely on POSIX attributes defined in Active Directory, "
-#| "you should set <placeholder type=\"programlisting\" id=\"0\"/>"
msgid ""
"By default, the AD provider will map UID and GID values from the objectSID "
"parameter in Active Directory. For details on this, see the <quote>ID "
@@ -7225,12 +7380,15 @@ msgid ""
"entities served by SSSD are always treated as case-insensitive in the AD "
"provider for compatibility with Active Directory's LDAP implementation."
msgstr ""
-"Типово, засіб надання даних AD встановлює відповідність значень UID і GID на "
-"основі параметра objectSID у Active Directory. Докладніше про це можна "
-"дізнатися з розділу «ВСТАНОВЛЕННЯ ВІДПОВІДНОСТІ ІДЕНТИФІКАТОРІВ», наведеного "
-"нижче. Якщо ви хочете вимкнути встановлення відповідності ідентифікаторів і "
-"покластися на атрибути POSIX, визначені у Active Directory, вам слід "
-"встановити параметр <placeholder type=\"programlisting\" id=\"0\"/>"
+"Типово засіб надання даних AD виконує прив’язку значень UID і GID з "
+"параметра objectSID у Active Directory. Докладніше про це можна дізнатися з "
+"розділу «ВСТАНОВЛЕННЯ ВІДПОВІДНОСТІ ІДЕНТИФІКАТОРІВ», наведеного нижче. Якщо "
+"ви хочете вимкнути прив’язку ідентифікаторів і замість цього використати "
+"атрибути POSIX, визначені у Active Directory, вам слід встановити "
+"<placeholder type=\"programlisting\" id=\"0\"/> Записи користувачів, груп та "
+"інші записи, що обслуговуються SSSD, завжди оброблятимуться у засобі надання "
+"даних AD з врахуванням регістру для сумісності з реалізацією Active "
+"Directory у LDAP."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-ad.5.xml:86
@@ -7255,13 +7413,20 @@ msgstr ""
"Для забезпечення належної роботи цей параметр слід вказати у форматі запису "
"малими літерами повної версії назви домену Active Directory."
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr "ad_server, ad_backup_server (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -7277,12 +7442,12 @@ msgstr ""
"СЛУЖБ»."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr "ad_hostname (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -7293,7 +7458,7 @@ msgstr ""
"розпізнавання цього вузла."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
@@ -7303,58 +7468,73 @@ msgstr ""
"вузла, для якого випущено таблицю ключів."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
-#, fuzzy
-#| msgid "case_sensitive (boolean)"
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
-msgstr "case_sensitive (булеве значення)"
+msgstr "ad_enable_dns_sites (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
+#, fuzzy
+#| msgid ""
+#| "If true and service discovery (see Service Discovery paragraph at the "
+#| "bottom of the man page) is enabled, the SSSD will first attempt to "
+#| "discover the Active Directory server to connect to using the Active "
+#| "Directory Site Discovery and fall back to the DNS SRV records if no AD "
+#| "site is found."
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
+"Якщо вказано значення true і увімкнено визначення служб (див. розділ щодо "
+"пошуку служб у нижній частині сторінки підручника (man)), SSSD спочатку "
+"спробує визначити сервер Active Directory для встановлення з’єднання на "
+"основі використання визначення сайтів Active Directory і повертається до "
+"визначення за записами SRV DNS, якщо сайт AD не буде знайдено."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
-#, fuzzy
-#| msgid ""
-#| "Optional. This option tells SSSD to automatically update the DNS server "
-#| "built into FreeIPA v2 with the IP address of this client."
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
-"Необов’язковий. За допомогою цього параметра можна наказати SSSD автоматично "
-"оновлювати на сервері DNS, вбудованому до FreeIPA версії 2, IP-адресу цього "
-"клієнтського комп’ютера."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 1200 (seconds)"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "Типове значення: 1200 (секунд)"
+msgstr "Типове значення: 3600 (секунд)"
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
#, fuzzy
-#| msgid "krb5_fast_principal (string)"
+#| msgid "Default: Use the IP address of the IPA LDAP connection"
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr "Типове значення: використовувати IP-адресу з’єднання LDAP IPA"
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
-msgstr "krb5_fast_principal (рядок)"
+msgstr "krb5_use_enterprise_principal (булеве значення)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
+"Визначає, чи слід вважати реєстраційні дані користувача даними промислового "
+"рівня. Див. розділ 5 RFC 6806, щоб дізнатися більше про промислові "
+"реєстраційні дані."
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -7365,7 +7545,7 @@ msgstr ""
"У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -7389,7 +7569,7 @@ msgstr ""
"ad_domain = example.com\n"
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -7401,7 +7581,7 @@ msgstr ""
"ldap_account_expire_policy = ad\n"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7537,6 +7717,9 @@ msgid ""
"automatically enabled. The sudo search base is configured to use the compat "
"tree (ou=sudoers,$DC)."
msgstr ""
+"Якщо SSSD налаштовано на використання надавача даних IPA, автоматично "
+"вмикається модуль надавача даних sudo. Базу пошуку sudo налаштовано на "
+"використання ієрархії даних compat (ou=sudoers,$DC)."
#. type: Content of: <reference><refentry><refsect1><title>
#: sssd-sudo.5.xml:99
@@ -8620,10 +8803,6 @@ msgstr "krb5_lifetime (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:322
-#, fuzzy
-#| msgid ""
-#| "Request ticket with a with a lifetime, given as an integer immediately "
-#| "followed by a time unit:"
msgid ""
"Request ticket with a lifetime, given as an integer immediately followed by "
"a time unit:"
@@ -8658,17 +8837,11 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
#: sssd-krb5.5.xml:354
-#, fuzzy
-#| msgid "krb5_renew_interval (integer)"
msgid "krb5_renew_interval (string)"
-msgstr "krb5_renew_interval (ціле число)"
+msgstr "krb5_renew_interval (рядок)"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:357
-#, fuzzy
-#| msgid ""
-#| "The time in seconds between two checks if the TGT should be renewed. TGTs "
-#| "are renewed if about half of their lifetime is exceeded."
msgid ""
"The time in seconds between two checks if the TGT should be renewed. TGTs "
"are renewed if about half of their lifetime is exceeded, given as an integer "
@@ -8676,7 +8849,8 @@ msgid ""
msgstr ""
"Час у секундах між двома послідовними перевірками того, чи слід оновлювати "
"записи TGT. Записи TGT оновлюються після завершення приблизно половини "
-"їхнього строку дії."
+"їхнього строку дії, що задається як ціле число з наступним позначенням "
+"одиниці часу:"
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-krb5.5.xml:384
@@ -8772,9 +8946,9 @@ msgstr ""
"канонічну форму. Цю можливість передбачено з версії MIT Kerberos 1.7."
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
-msgstr ""
+msgstr "Типове значення: false (надається AD: true)"
#. type: Content of: <reference><refentry><refsect1><para>
#: sssd-krb5.5.xml:65
@@ -8792,7 +8966,7 @@ msgstr ""
"про налаштування домену SSSD. <placeholder type=\"variablelist\" id=\"0\"/>"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -8805,7 +8979,7 @@ msgstr ""
"Kerberos, там не вказано інструменту обробки профілів."
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
@@ -9600,13 +9774,15 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
#: sss_ssh_authorizedkeys.1.xml:93 sss_ssh_knownhostsproxy.1.xml:92
msgid "EXIT STATUS"
-msgstr ""
+msgstr "СТАН ВИХОДУ"
#. type: Content of: <reference><refentry><refsect1><para>
#: sss_ssh_authorizedkeys.1.xml:95 sss_ssh_knownhostsproxy.1.xml:94
msgid ""
"In case of success, an exit value of 0 is returned. Otherwise, 1 is returned."
msgstr ""
+"У випадку успіху значення стану виходу дорівнює 0. У всіх інших випадках "
+"програма повертає 1."
#. type: Content of: <reference><refentry><refnamediv><refname>
#: sss_ssh_knownhostsproxy.1.xml:10 sss_ssh_knownhostsproxy.1.xml:15
@@ -10590,16 +10766,13 @@ msgstr ""
#. type: Content of: <varlistentry><listitem><para><programlisting>
#: include/override_homedir.xml:46
-#, fuzzy, no-wrap
-#| msgid ""
-#| "override_homedir = /home/%u\n"
-#| " "
+#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
" "
msgstr ""
"override_homedir = /home/%u\n"
-" "
+" "
#. type: Content of: <varlistentry><listitem><para>
#: include/override_homedir.xml:50
@@ -10609,60 +10782,33 @@ msgstr ""
"від LDAP)"
#~ msgid ""
-#~ "fallback_homedir = /home/%u\n"
-#~ " "
+#~ "The default <citerefentry> <refentrytitle>printf</refentrytitle> "
+#~ "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
+#~ "how to translate a (name, domain) tuple into a fully qualified name."
+#~ msgstr ""
+#~ "Типовий формат, сумісний з <citerefentry> <refentrytitle>printf</"
+#~ "refentrytitle> <manvolnum>3</manvolnum> </citerefentry>, який описує "
+#~ "спосіб перетворення кортежу (назва, домен) у назву належного формату."
+
+#~ msgid ""
+#~ "Regular expression for this domain that describes how to parse the string "
+#~ "containing user name and domain into these components."
#~ msgstr ""
-#~ "fallback_homedir = /home/%u\n"
-#~ " "
+#~ "Формальний вираз, який описує для цього домену спосіб поділу рядка з "
+#~ "іменем користувача і доменом на його частини."
#~ msgid ""
-#~ "The following example illustrates setting up SSSD to download sudo rules "
-#~ "from an IPA server. It is necessary to use the LDAP provider and set "
-#~ "appropriate connection parameters to authenticate correctly against the "
-#~ "IPA server, because SSSD does not have native support of IPA provider for "
-#~ "sudo yet."
+#~ "Optional. This option tells SSSD to automatically update the DNS server "
+#~ "built into FreeIPA v2 with the IP address of this client."
#~ msgstr ""
-#~ "Наведений нижче приклад є ілюстрацією налаштовування SSSD на отримання "
-#~ "правил sudo з сервера IPA. Слід використовувати засіб надання даних LDAP "
-#~ "і встановити відповідні параметри з’єднання, щоб розпізнавання на сервері "
-#~ "IPA виконувалося належним чином, оскільки SSSD ще не має вбудованої "
-#~ "підтримки засобу надання даних IPA для sudo."
+#~ "Необов’язковий. За допомогою цього параметра можна наказати SSSD "
+#~ "автоматично оновлювати на сервері DNS, вбудованому до FreeIPA версії 2, "
+#~ "IP-адресу цього клієнтського комп’ютера."
#~ msgid ""
-#~ "[sssd]\n"
-#~ "config_file_version = 2\n"
-#~ "services = nss, pam, sudo\n"
-#~ "domains = EXAMPLE\n"
-#~ "\n"
-#~ "[domain/EXAMPLE]\n"
-#~ "id_provider = ipa\n"
-#~ "ipa_domain = example.com\n"
-#~ "ipa_server = ipa.example.com\n"
-#~ "ldap_tls_cacert = /etc/ipa/ca.crt\n"
-#~ "\n"
-#~ "sudo_provider = ldap\n"
-#~ "ldap_uri = ldap://ipa.example.com\n"
-#~ "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
-#~ "ldap_sasl_mech = GSSAPI\n"
-#~ "ldap_sasl_authid = host/hostname.example.com\n"
-#~ "ldap_sasl_realm = EXAMPLE.COM\n"
-#~ "krb5_server = ipa.example.com\n"
+#~ "Optional. This option tells SSSD to automatically update the Active "
+#~ "Directory DNS server with the IP address of this client."
#~ msgstr ""
-#~ "[sssd]\n"
-#~ "config_file_version = 2\n"
-#~ "services = nss, pam, sudo\n"
-#~ "domains = EXAMPLE\n"
-#~ "\n"
-#~ "[domain/EXAMPLE]\n"
-#~ "id_provider = ipa\n"
-#~ "ipa_domain = example.com\n"
-#~ "ipa_server = ipa.example.com\n"
-#~ "ldap_tls_cacert = /etc/ipa/ca.crt\n"
-#~ "\n"
-#~ "sudo_provider = ldap\n"
-#~ "ldap_uri = ldap://ipa.example.com\n"
-#~ "ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n"
-#~ "ldap_sasl_mech = GSSAPI\n"
-#~ "ldap_sasl_authid = host/hostname.example.com\n"
-#~ "ldap_sasl_realm = EXAMPLE.COM\n"
-#~ "krb5_server = ipa.example.com\n"
+#~ "Необов’язковий. За допомогою цього параметра можна наказати SSSD "
+#~ "автоматично оновлювати дані на сервері DNS Active Directory за IP-адресою "
+#~ "цього клієнтського комп’ютера."
diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po
index 14cd42c40..4441a7dec 100644
--- a/src/man/po/zh_CN.po
+++ b/src/man/po/zh_CN.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: SSSD\n"
"Report-Msgid-Bugs-To: sssd-devel@redhat.com\n"
-"POT-Creation-Date: 2013-05-03 21:13+0300\n"
-"PO-Revision-Date: 2013-04-02 16:37+0000\n"
+"POT-Creation-Date: 2013-06-11 17:02+0300\n"
+"PO-Revision-Date: 2013-05-03 19:30+0000\n"
"Last-Translator: jhrozek <jhrozek@redhat.com>\n"
"Language-Team: Chinese (China) <trans-zh_cn@lists.fedoraproject.org>\n"
"Language: zh_CN\n"
@@ -206,7 +206,7 @@ msgid "The [sssd] section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title>
-#: sssd.conf.5.xml:71 sssd.conf.5.xml:1706
+#: sssd.conf.5.xml:71 sssd.conf.5.xml:1795
msgid "Section parameters"
msgstr ""
@@ -243,19 +243,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:98 sssd.conf.5.xml:292
+#: sssd.conf.5.xml:98 sssd.conf.5.xml:321
msgid "reconnection_retries (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:101 sssd.conf.5.xml:295
+#: sssd.conf.5.xml:101 sssd.conf.5.xml:324
msgid ""
"Number of times services should attempt to reconnect in the event of a Data "
"Provider crash or restart before they give up"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:106 sssd.conf.5.xml:300
+#: sssd.conf.5.xml:106 sssd.conf.5.xml:329
msgid "Default: 3"
msgstr "默认: 3"
@@ -275,7 +275,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:126 sssd.conf.5.xml:1478
+#: sssd.conf.5.xml:126 sssd.conf.5.xml:1525
msgid "re_expression (string)"
msgstr ""
@@ -295,32 +295,71 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:143 sssd.conf.5.xml:1525
+#: sssd.conf.5.xml:143 sssd.conf.5.xml:1576
msgid "full_name_format (string)"
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:146
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:146 sssd.conf.5.xml:1579
+msgid ""
+"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
+"manvolnum> </citerefentry>-compatible format that describes how to compose a "
+"fully qualified name from user name and domain name components."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:157 sssd.conf.5.xml:1590
+msgid "%1$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:158 sssd.conf.5.xml:1591
+msgid "user name"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:161 sssd.conf.5.xml:1594
+msgid "%2$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:164 sssd.conf.5.xml:1597
+msgid "domain name as specified in the SSSD config file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:170 sssd.conf.5.xml:1603
+msgid "%3$s"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:173 sssd.conf.5.xml:1606
msgid ""
-"The default <citerefentry> <refentrytitle>printf</refentrytitle> "
-"<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes "
-"how to translate a (name, domain) tuple into a fully qualified name."
+"domain flat name. Mostly usable for Active Directory domains, both directly "
+"configured or disovered via IPA trusts."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:154 sssd.conf.5.xml:1587
+msgid ""
+"The following expansions are supported: <placeholder type=\"variablelist\" "
+"id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:154
+#: sssd.conf.5.xml:183
msgid ""
"Each domain can have an individual format string configured. see DOMAIN "
"SECTIONS for more info on this option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:160
+#: sssd.conf.5.xml:189
msgid "try_inotify (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:163
+#: sssd.conf.5.xml:192
msgid ""
"SSSD monitors the state of resolv.conf to identify when it needs to update "
"its internal DNS resolver. By default, we will attempt to use inotify for "
@@ -329,7 +368,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:171
+#: sssd.conf.5.xml:200
msgid ""
"There are some limited situations where it is preferred that we should skip "
"even trying to use inotify. In these rare cases, this option should be set "
@@ -337,52 +376,52 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:177
+#: sssd.conf.5.xml:206
msgid ""
"Default: true on platforms where inotify is supported. False on other "
"platforms."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:181
+#: sssd.conf.5.xml:210
msgid ""
"Note: this option will have no effect on platforms where inotify is "
"unavailable. On these platforms, polling will always be used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:188
+#: sssd.conf.5.xml:217
msgid "krb5_rcache_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:191
+#: sssd.conf.5.xml:220
msgid ""
"Directory on the filesystem where SSSD should store Kerberos replay cache "
"files."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:195
+#: sssd.conf.5.xml:224
msgid ""
"This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct "
"SSSD to let libkrb5 decide the appropriate location for the replay cache."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:201
+#: sssd.conf.5.xml:230
msgid ""
"Default: Distribution-specific and specified at build-time. "
"(__LIBKRB5_DEFAULTS__ if not configured)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:208
+#: sssd.conf.5.xml:237
msgid "default_domain_suffix (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:211
+#: sssd.conf.5.xml:240
msgid ""
"This string will be used as a default domain name for all names without a "
"domain name component. The main use case is environments where the primary "
@@ -392,15 +431,15 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:221
+#: sssd.conf.5.xml:250
msgid ""
"Please note that if this option is set all users from the primary domain "
"have to use their fully qualified name, e.g. user@domain.name, to log in."
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:227 sssd-ldap.5.xml:1336 sssd-ldap.5.xml:1348
-#: sssd-ldap.5.xml:1409 sssd-ldap.5.xml:2255 sssd-ldap.5.xml:2282
+#: sssd.conf.5.xml:256 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1444 sssd-ldap.5.xml:2325 sssd-ldap.5.xml:2352
#: sssd-krb5.5.xml:388 include/ldap_id_mapping.xml:145
#: include/ldap_id_mapping.xml:156
msgid "Default: not set"
@@ -418,12 +457,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:238
+#: sssd.conf.5.xml:267
msgid "SERVICES SECTIONS"
msgstr "服务部分"
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:240
+#: sssd.conf.5.xml:269
msgid ""
"Settings that can be used to configure different services are described in "
"this section. They should reside in the [<replaceable>$NAME</replaceable>] "
@@ -432,81 +471,82 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:247
+#: sssd.conf.5.xml:276
msgid "General service configuration options"
msgstr "基本服务配置选项"
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:249
+#: sssd.conf.5.xml:278
msgid "These options can be used to configure any service."
msgstr "这些选项可被用于配置任何服务。"
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:253
+#: sssd.conf.5.xml:282
msgid "debug_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:257
+#: sssd.conf.5.xml:286
msgid "debug_timestamps (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:260
+#: sssd.conf.5.xml:289
msgid "Add a timestamp to the debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:263 sssd.conf.5.xml:443 sssd.conf.5.xml:790
-#: sssd-ldap.5.xml:1482 sssd-ldap.5.xml:1608 sssd-ldap.5.xml:2043
-#: sssd-ldap.5.xml:2108 sssd-ldap.5.xml:2126 sssd-ipa.5.xml:357
-#: sssd-ipa.5.xml:392 sssd-ad.5.xml:150 sssd-ad.5.xml:257
+#: sssd.conf.5.xml:292 sssd.conf.5.xml:472 sssd.conf.5.xml:819
+#: sssd-ldap.5.xml:1517 sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1671
+#: sssd-ldap.5.xml:2113 sssd-ldap.5.xml:2178 sssd-ldap.5.xml:2196
+#: sssd-ipa.5.xml:361 sssd-ipa.5.xml:396 sssd-ad.5.xml:156 sssd-ad.5.xml:181
+#: sssd-ad.5.xml:269 sssd-krb5.5.xml:477
msgid "Default: true"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:268
+#: sssd.conf.5.xml:297
msgid "debug_microseconds (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:271
+#: sssd.conf.5.xml:300
msgid "Add microseconds to the timestamp in debug messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:274 sssd.conf.5.xml:744 sssd.conf.5.xml:1632
-#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1377 sssd-ldap.5.xml:1396
-#: sssd-ldap.5.xml:1551 sssd-ldap.5.xml:1839 sssd-ipa.5.xml:135
-#: sssd-ipa.5.xml:201 sssd-ipa.5.xml:469 sssd-ad.5.xml:169 sssd-krb5.5.xml:244
+#: sssd.conf.5.xml:303 sssd.conf.5.xml:773 sssd.conf.5.xml:1712
+#: sssd-ldap.5.xml:640 sssd-ldap.5.xml:1412 sssd-ldap.5.xml:1431
+#: sssd-ldap.5.xml:1586 sssd-ldap.5.xml:1909 sssd-ipa.5.xml:139
+#: sssd-ipa.5.xml:205 sssd-ipa.5.xml:473 sssd-krb5.5.xml:244
#: sssd-krb5.5.xml:278 sssd-krb5.5.xml:449
msgid "Default: false"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:279
+#: sssd.conf.5.xml:308
msgid "timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:282
+#: sssd.conf.5.xml:311
msgid ""
"Timeout in seconds between heartbeats for this service. This is used to "
"ensure that the process is alive and capable of answering requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:287 sssd-ldap.5.xml:1248
+#: sssd.conf.5.xml:316 sssd-ldap.5.xml:1283
msgid "Default: 10"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:305
+#: sssd.conf.5.xml:334
msgid "fd_limit"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:308
+#: sssd.conf.5.xml:337
msgid ""
"This option specifies the maximum number of file descriptors that may be "
"opened at one time by this SSSD process. On systems where SSSD is granted "
@@ -516,17 +556,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:317
+#: sssd.conf.5.xml:346
msgid "Default: 8192 (or limits.conf \"hard\" limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:322
+#: sssd.conf.5.xml:351
msgid "client_idle_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:325
+#: sssd.conf.5.xml:354
msgid ""
"This option specifies the number of seconds that a client of an SSSD process "
"can hold onto a file descriptor without communicating on it. This value is "
@@ -534,18 +574,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:332 sssd.conf.5.xml:348 sssd.conf.5.xml:562
-#: sssd.conf.5.xml:722 sssd.conf.5.xml:954 sssd-ldap.5.xml:1099
+#: sssd.conf.5.xml:361 sssd.conf.5.xml:377 sssd.conf.5.xml:591
+#: sssd.conf.5.xml:751 sssd.conf.5.xml:983 sssd-ldap.5.xml:1113
msgid "Default: 60"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:337 sssd.conf.5.xml:943
+#: sssd.conf.5.xml:366 sssd.conf.5.xml:972
msgid "force_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:340 sssd.conf.5.xml:946
+#: sssd.conf.5.xml:369 sssd.conf.5.xml:975
msgid ""
"If a service is not responding to ping checks (see the <quote>timeout</"
"quote> option), it is first sent the SIGTERM signal that instructs it to "
@@ -555,40 +595,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:356
+#: sssd.conf.5.xml:385
msgid "NSS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:358
+#: sssd.conf.5.xml:387
msgid ""
"These options can be used to configure the Name Service Switch (NSS) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:363
+#: sssd.conf.5.xml:392
msgid "enum_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:366
+#: sssd.conf.5.xml:395
msgid ""
"How many seconds should nss_sss cache enumerations (requests for info about "
"all users)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:370
+#: sssd.conf.5.xml:399
msgid "Default: 120"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:375
+#: sssd.conf.5.xml:404
msgid "entry_cache_nowait_percentage (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:378
+#: sssd.conf.5.xml:407
msgid ""
"The entry cache can be set to automatically update entries in the background "
"if they are requested beyond a percentage of the entry_cache_timeout value "
@@ -596,7 +636,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:384
+#: sssd.conf.5.xml:413
msgid ""
"For example, if the domain's entry_cache_timeout is set to 30s and "
"entry_cache_nowait_percentage is set to 50 (percent), entries that come in "
@@ -606,7 +646,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:394
+#: sssd.conf.5.xml:423
msgid ""
"Valid values for this option are 0-99 and represent a percentage of the "
"entry_cache_timeout for each domain. For performance reasons, this "
@@ -615,17 +655,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:402
+#: sssd.conf.5.xml:431
msgid "Default: 50"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:407
+#: sssd.conf.5.xml:436
msgid "entry_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:410
+#: sssd.conf.5.xml:439
msgid ""
"Specifies for how many seconds nss_sss should cache negative cache hits "
"(that is, queries for invalid database entries, like nonexistent ones) "
@@ -633,17 +673,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:416 sssd.conf.5.xml:768
+#: sssd.conf.5.xml:445 sssd.conf.5.xml:797
msgid "Default: 15"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:421
+#: sssd.conf.5.xml:450
msgid "filter_users, filter_groups (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:424
+#: sssd.conf.5.xml:453
msgid ""
"Exclude certain users from being fetched from the sss NSS database. This is "
"particularly useful for system accounts. This option can also be set per-"
@@ -652,41 +692,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:431
+#: sssd.conf.5.xml:460
msgid "Default: root"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:436
+#: sssd.conf.5.xml:465
msgid "filter_users_in_groups (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:439
+#: sssd.conf.5.xml:468
msgid ""
"If you want filtered user still be group members set this option to false."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:449
+#: sssd.conf.5.xml:478
msgid "fallback_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:452
+#: sssd.conf.5.xml:481
msgid ""
"Set a default template for a user's home directory if one is not specified "
"explicitly by the domain's data provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:457
+#: sssd.conf.5.xml:486
msgid ""
"The available values for this option are the same as for override_homedir."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting>
-#: sssd.conf.5.xml:463
+#: sssd.conf.5.xml:492
#, no-wrap
msgid ""
"override_homedir = /home/%u\n"
@@ -694,112 +734,112 @@ msgid ""
msgstr ""
#. type: Content of: <varlistentry><listitem><para>
-#: sssd.conf.5.xml:461 include/override_homedir.xml:44
+#: sssd.conf.5.xml:490 include/override_homedir.xml:44
msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:467
+#: sssd.conf.5.xml:496
msgid "Default: not set (no substitution for unset home directories)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:473
+#: sssd.conf.5.xml:502
msgid "override_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:476
+#: sssd.conf.5.xml:505
msgid ""
"Override the login shell for all users. This option can be specified "
"globally in the [nss] section or per-domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:481
+#: sssd.conf.5.xml:510
msgid "Default: not set (SSSD will use the value retrieved from LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:487
+#: sssd.conf.5.xml:516
msgid "allowed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:490
+#: sssd.conf.5.xml:519
msgid ""
"Restrict user shell to one of the listed values. The order of evaluation is:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:493
+#: sssd.conf.5.xml:522
msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:497
+#: sssd.conf.5.xml:526
msgid ""
"2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</"
"quote>, use the value of the shell_fallback parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:502
+#: sssd.conf.5.xml:531
msgid ""
"3. If the shell is not in the allowed_shells list and not in <quote>/etc/"
"shells</quote>, a nologin shell is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:507
+#: sssd.conf.5.xml:536
msgid "An empty string for shell is passed as-is to libc."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:510
+#: sssd.conf.5.xml:539
msgid ""
"The <quote>/etc/shells</quote> is only read on SSSD start up, which means "
"that a restart of the SSSD is required in case a new shell is installed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:514
+#: sssd.conf.5.xml:543
msgid "Default: Not set. The user shell is automatically used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:519
+#: sssd.conf.5.xml:548
msgid "vetoed_shells (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:522
+#: sssd.conf.5.xml:551
msgid "Replace any instance of these shells with the shell_fallback"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:527
+#: sssd.conf.5.xml:556
msgid "shell_fallback (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:530
+#: sssd.conf.5.xml:559
msgid ""
"The default shell to use if an allowed shell is not installed on the machine."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:534
+#: sssd.conf.5.xml:563
msgid "Default: /bin/sh"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:539
+#: sssd.conf.5.xml:568
msgid "default_shell"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:542
+#: sssd.conf.5.xml:571
msgid ""
"The default shell to use if the provider does not return one during lookup. "
"This option supersedes any other shell options if it takes effect and can be "
@@ -807,96 +847,96 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:548
+#: sssd.conf.5.xml:577
msgid ""
"Default: not set (Return NULL if no shell is specified and rely on libc to "
"substitute something sensible when necessary, usually /bin/sh)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:555 sssd.conf.5.xml:715
+#: sssd.conf.5.xml:584 sssd.conf.5.xml:744
msgid "get_domains_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:558 sssd.conf.5.xml:718
+#: sssd.conf.5.xml:587 sssd.conf.5.xml:747
msgid ""
"Specifies time in seconds for which the list of subdomains will be "
"considered valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:567
+#: sssd.conf.5.xml:596
msgid "memcache_timeout (int)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:570
+#: sssd.conf.5.xml:599
msgid ""
"Specifies time in seconds for which records in the in-memory cache will be "
"valid"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:574 sssd-ldap.5.xml:654
+#: sssd.conf.5.xml:603 sssd-ldap.5.xml:654
msgid "Default: 300"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:581
+#: sssd.conf.5.xml:610
msgid "PAM configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:583
+#: sssd.conf.5.xml:612
msgid ""
"These options can be used to configure the Pluggable Authentication Module "
"(PAM) service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:588
+#: sssd.conf.5.xml:617
msgid "offline_credentials_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:591
+#: sssd.conf.5.xml:620
msgid ""
"If the authentication provider is offline, how long should we allow cached "
"logins (in days since the last successful online login)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:596 sssd.conf.5.xml:609
+#: sssd.conf.5.xml:625 sssd.conf.5.xml:638
msgid "Default: 0 (No limit)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:602
+#: sssd.conf.5.xml:631
msgid "offline_failed_login_attempts (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:605
+#: sssd.conf.5.xml:634
msgid ""
"If the authentication provider is offline, how many failed login attempts "
"are allowed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:615
+#: sssd.conf.5.xml:644
msgid "offline_failed_login_delay (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:618
+#: sssd.conf.5.xml:647
msgid ""
"The time in minutes which has to pass after offline_failed_login_attempts "
"has been reached before a new login attempt is possible."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:623
+#: sssd.conf.5.xml:652
msgid ""
"If set to 0 the user cannot authenticate offline if "
"offline_failed_login_attempts has been reached. Only a successful online "
@@ -904,59 +944,59 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:629 sssd.conf.5.xml:682 sssd.conf.5.xml:1579
+#: sssd.conf.5.xml:658 sssd.conf.5.xml:711 sssd.conf.5.xml:1659
msgid "Default: 5"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:635
+#: sssd.conf.5.xml:664
msgid "pam_verbosity (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:638
+#: sssd.conf.5.xml:667
msgid ""
"Controls what kind of messages are shown to the user during authentication. "
"The higher the number to more messages are displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:643
+#: sssd.conf.5.xml:672
msgid "Currently sssd supports the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:646
+#: sssd.conf.5.xml:675
msgid "<emphasis>0</emphasis>: do not show any message"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:649
+#: sssd.conf.5.xml:678
msgid "<emphasis>1</emphasis>: show only important messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:653
+#: sssd.conf.5.xml:682
msgid "<emphasis>2</emphasis>: show informational messages"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:656
+#: sssd.conf.5.xml:685
msgid "<emphasis>3</emphasis>: show all messages and debug information"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:660 sssd.8.xml:63
+#: sssd.conf.5.xml:689 sssd.8.xml:63
msgid "Default: 1"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:665
+#: sssd.conf.5.xml:694
msgid "pam_id_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:668
+#: sssd.conf.5.xml:697
msgid ""
"For any PAM request while SSSD is online, the SSSD will attempt to "
"immediately update the cached identity information for the user in order to "
@@ -964,7 +1004,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:674
+#: sssd.conf.5.xml:703
msgid ""
"A complete PAM conversation may perform multiple PAM requests, such as "
"account management and session opening. This option controls (on a per-"
@@ -973,17 +1013,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:688
+#: sssd.conf.5.xml:717
msgid "pam_pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:691 sssd.conf.5.xml:1086
+#: sssd.conf.5.xml:720 sssd.conf.5.xml:1133
msgid "Display a warning N days before the password expires."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:694
+#: sssd.conf.5.xml:723
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -991,63 +1031,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:700 sssd.conf.5.xml:1089
+#: sssd.conf.5.xml:729 sssd.conf.5.xml:1136
msgid ""
"If zero is set, then this filter is not applied, i.e. if the expiration "
"warning was received from backend server, it will automatically be displayed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:705
+#: sssd.conf.5.xml:734
msgid ""
"This setting can be overridden by setting <emphasis>pwd_expiration_warning</"
"emphasis> for a particular domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:710 sssd.8.xml:79
+#: sssd.conf.5.xml:739 sssd.8.xml:79
msgid "Default: 0"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:730
+#: sssd.conf.5.xml:759
msgid "SUDO configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:732
+#: sssd.conf.5.xml:761
msgid "These options can be used to configure the sudo service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:736
+#: sssd.conf.5.xml:765
msgid "sudo_timed (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:739
+#: sssd.conf.5.xml:768
msgid ""
"Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes "
"that implement time-dependent sudoers entries."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:752
+#: sssd.conf.5.xml:781
msgid "AUTOFS configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:754
+#: sssd.conf.5.xml:783
msgid "These options can be used to configure the autofs service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:758
+#: sssd.conf.5.xml:787
msgid "autofs_negative_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:761
+#: sssd.conf.5.xml:790
msgid ""
"Specifies for how many seconds should the autofs responder negative cache "
"hits (that is, queries for invalid map entries, like nonexistent ones) "
@@ -1055,51 +1095,51 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:777
+#: sssd.conf.5.xml:806
msgid "SSH configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:779
+#: sssd.conf.5.xml:808
msgid "These options can be used to configure the SSH service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:783
+#: sssd.conf.5.xml:812
msgid "ssh_hash_known_hosts (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:786
+#: sssd.conf.5.xml:815
msgid ""
"Whether or not to hash host names and addresses in the managed known_hosts "
"file."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:795
+#: sssd.conf.5.xml:824
msgid "ssh_known_hosts_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:798
+#: sssd.conf.5.xml:827
msgid ""
"How many seconds to keep a host in the managed known_hosts file after its "
"host keys were requested."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:802
+#: sssd.conf.5.xml:831
msgid "Default: 180"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:810
+#: sssd.conf.5.xml:839
msgid "PAC responder configuration options"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:812
+#: sssd.conf.5.xml:841
msgid ""
"The PAC responder works together with the authorization data plugin for MIT "
"Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the "
@@ -1111,35 +1151,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:821
+#: sssd.conf.5.xml:850
msgid ""
"If the remote user does not exist in the cache, it is created. The uid is "
-"calculated based on the SID, trusted domains will have UPGs and the gid will "
-"have the same value as the uid. The home directory is set based on the "
-"subdomain_homedir parameter. The shell will be empty by default, i.e. the "
-"system defaults are used, but can be overwritten with the default_shell "
+"determined with the help of the SID, trusted domains will have UPGs and the "
+"gid will have the same value as the uid. The home directory is set based on "
+"the subdomain_homedir parameter. The shell will be empty by default, i.e. "
+"the system defaults are used, but can be overwritten with the default_shell "
"parameter."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:829
+#: sssd.conf.5.xml:858
msgid ""
-"If there are SIDs of groups from the domain the sssd client belongs to, the "
-"user will be added to those groups."
+"If there are SIDs of groups from domains sssd knows about, the user will be "
+"added to those groups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:835
+#: sssd.conf.5.xml:864
msgid "These options can be used to configure the PAC responder."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:839
+#: sssd.conf.5.xml:868
msgid "allowed_uids (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:842
+#: sssd.conf.5.xml:871
msgid ""
"Specifies the comma-separated list of UID values or user names that are "
"allowed to access the PAC responder. User names are resolved to UIDs at "
@@ -1147,12 +1187,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:848
+#: sssd.conf.5.xml:877
msgid "Default: 0 (only the root user is allowed to access the PAC responder)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:852
+#: sssd.conf.5.xml:881
msgid ""
"Please note that although the UID 0 is used as the default it will be "
"overwritten with this option. If you still want to allow the root user to "
@@ -1161,24 +1201,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:866
+#: sssd.conf.5.xml:895
msgid "DOMAIN SECTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:873
+#: sssd.conf.5.xml:902
msgid "min_id,max_id (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:876
+#: sssd.conf.5.xml:905
msgid ""
"UID and GID limits for the domain. If a domain contains an entry that is "
"outside these limits, it is ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:881
+#: sssd.conf.5.xml:910
msgid ""
"For users, this affects the primary GID limit. The user will not be returned "
"to NSS if either the UID or the primary GID is outside the range. For non-"
@@ -1187,40 +1227,40 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:888
+#: sssd.conf.5.xml:917
msgid "Default: 1 for min_id, 0 (no limit) for max_id"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:894
+#: sssd.conf.5.xml:923
msgid "enumerate (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:897
+#: sssd.conf.5.xml:926
msgid ""
"Determines if a domain can be enumerated. This parameter can have one of the "
"following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:901
+#: sssd.conf.5.xml:930
msgid "TRUE = Users and groups are enumerated"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:904
+#: sssd.conf.5.xml:933
msgid "FALSE = No enumerations for this domain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:907 sssd.conf.5.xml:1063 sssd.conf.5.xml:1165
-#: sssd.conf.5.xml:1182
+#: sssd.conf.5.xml:936 sssd.conf.5.xml:1110 sssd.conf.5.xml:1212
+#: sssd.conf.5.xml:1229
msgid "Default: FALSE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:910
+#: sssd.conf.5.xml:939
msgid ""
"Note: Enabling enumeration has a moderate performance impact on SSSD while "
"enumeration is running. It may take up to several minutes after SSSD startup "
@@ -1232,14 +1272,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:923
+#: sssd.conf.5.xml:952
msgid ""
"While the first enumeration is running, requests for the complete user or "
"group lists may return no results until it completes."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:928
+#: sssd.conf.5.xml:957
msgid ""
"Further, enabling enumeration may increase the time necessary to detect "
"network disconnection, as longer timeouts are required to ensure that "
@@ -1248,129 +1288,151 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:936
+#: sssd.conf.5.xml:965
msgid ""
"For the reasons cited above, enabling enumeration is not recommended, "
"especially in large environments."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:960
+#: sssd.conf.5.xml:989
msgid "entry_cache_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:963
+#: sssd.conf.5.xml:992
msgid ""
"How many seconds should nss_sss consider entries valid before asking the "
"backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:967
+#: sssd.conf.5.xml:996
msgid "Default: 5400"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:973
+#: sssd.conf.5.xml:1002
msgid "entry_cache_user_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:976
+#: sssd.conf.5.xml:1005
msgid ""
"How many seconds should nss_sss consider user entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:980 sssd.conf.5.xml:993 sssd.conf.5.xml:1006
-#: sssd.conf.5.xml:1019 sssd.conf.5.xml:1032 sssd.conf.5.xml:1046
+#: sssd.conf.5.xml:1009 sssd.conf.5.xml:1022 sssd.conf.5.xml:1035
+#: sssd.conf.5.xml:1048 sssd.conf.5.xml:1061 sssd.conf.5.xml:1075
msgid "Default: entry_cache_timeout"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:986
+#: sssd.conf.5.xml:1015
msgid "entry_cache_group_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:989
+#: sssd.conf.5.xml:1018
msgid ""
"How many seconds should nss_sss consider group entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:999
+#: sssd.conf.5.xml:1028
msgid "entry_cache_netgroup_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1002
+#: sssd.conf.5.xml:1031
msgid ""
"How many seconds should nss_sss consider netgroup entries valid before "
"asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1012
+#: sssd.conf.5.xml:1041
msgid "entry_cache_service_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1015
+#: sssd.conf.5.xml:1044
msgid ""
"How many seconds should nss_sss consider service entries valid before asking "
"the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1025
+#: sssd.conf.5.xml:1054
msgid "entry_cache_sudo_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1028
+#: sssd.conf.5.xml:1057
msgid ""
"How many seconds should sudo consider rules valid before asking the backend "
"again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1038
+#: sssd.conf.5.xml:1067
msgid "entry_cache_autofs_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1041
+#: sssd.conf.5.xml:1070
msgid ""
"How many seconds should the autofs service consider automounter maps valid "
"before asking the backend again"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1052
+#: sssd.conf.5.xml:1081
+msgid "refresh_expired_interval (integer)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1084
+msgid ""
+"Specifies how many seconds SSSD has to wait before refreshing expired "
+"records. Currently only refreshing expired netgroups is supported."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1089
+msgid "You can consider setting this value to 3/4 * entry_cache_timeout."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1093 sssd-ipa.5.xml:221
+msgid "Default: 0 (disabled)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1099
msgid "cache_credentials (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1055
+#: sssd.conf.5.xml:1102
msgid "Determines if user credentials are also cached in the local LDB cache"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1059
+#: sssd.conf.5.xml:1106
msgid "User credentials are stored in a SHA512 hash, not in plaintext"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1068
+#: sssd.conf.5.xml:1115
msgid "account_cache_expiration (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1071
+#: sssd.conf.5.xml:1118
msgid ""
"Number of days entries are left in cache after last successful login before "
"being removed during a cleanup of the cache. 0 means keep forever. The "
@@ -1379,17 +1441,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1078
+#: sssd.conf.5.xml:1125
msgid "Default: 0 (unlimited)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1083
+#: sssd.conf.5.xml:1130
msgid "pwd_expiration_warning (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1094
+#: sssd.conf.5.xml:1141
msgid ""
"Please note that the backend server has to provide information about the "
"expiration time of the password. If this information is missing, sssd "
@@ -1398,33 +1460,33 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1101
+#: sssd.conf.5.xml:1148
msgid "Default: 7 (Kerberos), 0 (LDAP)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1107
+#: sssd.conf.5.xml:1154
msgid "id_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1110
+#: sssd.conf.5.xml:1157
msgid ""
"The identification provider used for the domain. Supported ID providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1114
+#: sssd.conf.5.xml:1161
msgid "<quote>proxy</quote>: Support a legacy NSS provider"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1117
+#: sssd.conf.5.xml:1164
msgid "<quote>local</quote>: SSSD internal provider for local users"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1121
+#: sssd.conf.5.xml:1168
msgid ""
"<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-"
"ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more "
@@ -1432,8 +1494,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1129 sssd.conf.5.xml:1208 sssd.conf.5.xml:1259
-#: sssd.conf.5.xml:1312
+#: sssd.conf.5.xml:1176 sssd.conf.5.xml:1255 sssd.conf.5.xml:1306
+#: sssd.conf.5.xml:1359
msgid ""
"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management "
"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> "
@@ -1442,8 +1504,8 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1138 sssd.conf.5.xml:1217 sssd.conf.5.xml:1268
-#: sssd.conf.5.xml:1321
+#: sssd.conf.5.xml:1185 sssd.conf.5.xml:1264 sssd.conf.5.xml:1315
+#: sssd.conf.5.xml:1368
msgid ""
"<quote>ad</quote>: Active Directory provider. See <citerefentry> "
"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1451,19 +1513,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1149
+#: sssd.conf.5.xml:1196
msgid "use_fully_qualified_names (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1152
+#: sssd.conf.5.xml:1199
msgid ""
"Use the full name and domain (as formatted by the domain's full_name_format) "
"as the user's login name reported to NSS."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1157
+#: sssd.conf.5.xml:1204
msgid ""
"If set to TRUE, all requests to this domain must use fully qualified names. "
"For example, if used in LOCAL domain that contains a \"test\" user, "
@@ -1472,17 +1534,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1170
+#: sssd.conf.5.xml:1217
msgid "ignore_group_members (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1173
+#: sssd.conf.5.xml:1220
msgid "Do not return group members for group lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1176
+#: sssd.conf.5.xml:1223
msgid ""
"If set to TRUE, the group membership attribute is not requested from the "
"ldap server, and group members are not returned when processing group lookup "
@@ -1490,19 +1552,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1187
+#: sssd.conf.5.xml:1234
msgid "auth_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1190
+#: sssd.conf.5.xml:1237
msgid ""
"The authentication provider used for the domain. Supported auth providers "
"are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1252
+#: sssd.conf.5.xml:1241 sssd.conf.5.xml:1299
msgid ""
"<quote>ldap</quote> for native LDAP authentication. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1510,7 +1572,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1201
+#: sssd.conf.5.xml:1248
msgid ""
"<quote>krb5</quote> for Kerberos authentication. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1518,30 +1580,30 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1225
+#: sssd.conf.5.xml:1272
msgid ""
"<quote>proxy</quote> for relaying authentication to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1228
+#: sssd.conf.5.xml:1275
msgid "<quote>none</quote> disables authentication explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1231
+#: sssd.conf.5.xml:1278
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"authentication requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1237
+#: sssd.conf.5.xml:1284
msgid "access_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1240
+#: sssd.conf.5.xml:1287
msgid ""
"The access control provider used for the domain. There are two built-in "
"access providers (in addition to any included in installed backends) "
@@ -1549,19 +1611,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1246
+#: sssd.conf.5.xml:1293
msgid ""
"<quote>permit</quote> always allow access. It's the only permitted access "
"provider for a local domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1249
+#: sssd.conf.5.xml:1296
msgid "<quote>deny</quote> always deny access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1276
+#: sssd.conf.5.xml:1323
msgid ""
"<quote>simple</quote> access control based on access or deny lists. See "
"<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</"
@@ -1570,24 +1632,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1283
+#: sssd.conf.5.xml:1330
msgid "Default: <quote>permit</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1288
+#: sssd.conf.5.xml:1335
msgid "chpass_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1291
+#: sssd.conf.5.xml:1338
msgid ""
"The provider which should handle change password operations for the domain. "
"Supported change password providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1296
+#: sssd.conf.5.xml:1343
msgid ""
"<quote>ldap</quote> to change a password stored in a LDAP server. See "
"<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</"
@@ -1595,7 +1657,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1304
+#: sssd.conf.5.xml:1351
msgid ""
"<quote>krb5</quote> to change the Kerberos password. See <citerefentry> "
"<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1603,35 +1665,35 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1329
+#: sssd.conf.5.xml:1376
msgid ""
"<quote>proxy</quote> for relaying password changes to some other PAM target."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1333
+#: sssd.conf.5.xml:1380
msgid "<quote>none</quote> disallows password changes explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1336
+#: sssd.conf.5.xml:1383
msgid ""
"Default: <quote>auth_provider</quote> is used if it is set and can handle "
"change password requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1343
+#: sssd.conf.5.xml:1390
msgid "sudo_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1346
+#: sssd.conf.5.xml:1393
msgid "The SUDO provider used for the domain. Supported SUDO providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1350
+#: sssd.conf.5.xml:1397
msgid ""
"<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1639,23 +1701,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1357
+#: sssd.conf.5.xml:1404
msgid "<quote>none</quote> disables SUDO explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1360 sssd.conf.5.xml:1414 sssd.conf.5.xml:1446
-#: sssd.conf.5.xml:1471
+#: sssd.conf.5.xml:1407 sssd.conf.5.xml:1461 sssd.conf.5.xml:1493
+#: sssd.conf.5.xml:1518
msgid "Default: The value of <quote>id_provider</quote> is used if it is set."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1366
+#: sssd.conf.5.xml:1413
msgid "selinux_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1369
+#: sssd.conf.5.xml:1416
msgid ""
"The provider which should handle loading of selinux settings. Note that this "
"provider will be called right after access provider ends. Supported selinux "
@@ -1663,7 +1725,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1375
+#: sssd.conf.5.xml:1422
msgid ""
"<quote>ipa</quote> to load selinux settings from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1671,31 +1733,31 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1383
+#: sssd.conf.5.xml:1430
msgid "<quote>none</quote> disallows fetching selinux settings explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1386
+#: sssd.conf.5.xml:1433
msgid ""
"Default: <quote>id_provider</quote> is used if it is set and can handle "
"selinux loading requests."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1392
+#: sssd.conf.5.xml:1439
msgid "subdomains_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1395
+#: sssd.conf.5.xml:1442
msgid ""
"The provider which should handle fetching of subdomains. This value should "
"be always the same as id_provider. Supported subdomain providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1401
+#: sssd.conf.5.xml:1448
msgid ""
"<quote>ipa</quote> to load a list of subdomains from an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1703,23 +1765,23 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1410
+#: sssd.conf.5.xml:1457
msgid "<quote>none</quote> disallows fetching subdomains explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1421
+#: sssd.conf.5.xml:1468
msgid "autofs_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1424
+#: sssd.conf.5.xml:1471
msgid ""
"The autofs provider used for the domain. Supported autofs providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1428
+#: sssd.conf.5.xml:1475
msgid ""
"<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> "
"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1727,7 +1789,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1435
+#: sssd.conf.5.xml:1482
msgid ""
"<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> "
"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </"
@@ -1735,24 +1797,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1443
+#: sssd.conf.5.xml:1490
msgid "<quote>none</quote> disables autofs explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1453
+#: sssd.conf.5.xml:1500
msgid "hostid_provider (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1456
+#: sssd.conf.5.xml:1503
msgid ""
"The provider used for retrieving host identity information. Supported "
"hostid providers are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1460
+#: sssd.conf.5.xml:1507
msgid ""
"<quote>ipa</quote> to load host identity stored in an IPA server. See "
"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</"
@@ -1760,19 +1822,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1468
+#: sssd.conf.5.xml:1515
msgid "<quote>none</quote> disables hostid explicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1481
+#: sssd.conf.5.xml:1528
msgid ""
"Regular expression for this domain that describes how to parse the string "
-"containing user name and domain into these components."
+"containing user name and domain into these components. The \"domain\" can "
+"match either the SSSD configuration domain name, or, in the case of IPA "
+"trust subdomains and Active Directory domains, the flat (NetBIOS) name of "
+"the domain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1486
+#: sssd.conf.5.xml:1537
msgid ""
"Default for the AD and IPA provider: <quote>(((?P&lt;domain&gt;[^\\\\]+)\\"
"\\(?P&lt;name&gt;.+$))|((?P&lt;name&gt;[^@]+)@(?P&lt;domain&gt;.+$))|(^(?"
@@ -1781,29 +1846,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1491
+#: sssd.conf.5.xml:1542
msgid "username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1494
+#: sssd.conf.5.xml:1545
msgid "username@domain.name"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para>
-#: sssd.conf.5.xml:1497
+#: sssd.conf.5.xml:1548
msgid "domain\\username"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1500
+#: sssd.conf.5.xml:1551
msgid ""
"While the first two correspond to the general default the third one is "
"introduced to allow easy integration of users from Windows domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1505
+#: sssd.conf.5.xml:1556
msgid ""
"Default: <quote>(?P&lt;name&gt;[^@]+)@?(?P&lt;domain&gt;[^@]*$)</quote> "
"which translates to \"the name is everything up to the <quote>@</quote> "
@@ -1811,7 +1876,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1511
+#: sssd.conf.5.xml:1562
msgid ""
"PLEASE NOTE: the support for non-unique named subpatterns is not available "
"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre "
@@ -1819,74 +1884,66 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1518
+#: sssd.conf.5.xml:1569
msgid ""
"PLEASE NOTE ALSO: older version of libpcre only support the Python syntax (?"
"P&lt;name&gt;) to label subpatterns."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1528
-msgid ""
-"A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</"
-"manvolnum> </citerefentry>-compatible format that describes how to translate "
-"a (name, domain) tuple for this domain into a fully qualified name."
-msgstr ""
-
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1536
+#: sssd.conf.5.xml:1616
msgid "Default: <quote>%1$s@%2$s</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1542
+#: sssd.conf.5.xml:1622
msgid "lookup_family_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1545
+#: sssd.conf.5.xml:1625
msgid ""
"Provides the ability to select preferred address family to use when "
"performing DNS lookups."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1549
+#: sssd.conf.5.xml:1629
msgid "Supported values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1552
+#: sssd.conf.5.xml:1632
msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1555
+#: sssd.conf.5.xml:1635
msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1558
+#: sssd.conf.5.xml:1638
msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1561
+#: sssd.conf.5.xml:1641
msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1564
+#: sssd.conf.5.xml:1644
msgid "Default: ipv4_first"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1570
+#: sssd.conf.5.xml:1650
msgid "dns_resolver_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1573
+#: sssd.conf.5.xml:1653
msgid ""
"Defines the amount of time (in seconds) to wait for a reply from the DNS "
"resolver before assuming that it is unreachable. If this timeout is reached, "
@@ -1894,56 +1951,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1585
+#: sssd.conf.5.xml:1665
msgid "dns_discovery_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1588
+#: sssd.conf.5.xml:1668
msgid ""
"If service discovery is used in the back end, specifies the domain part of "
"the service discovery DNS query."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1592
+#: sssd.conf.5.xml:1672
msgid "Default: Use the domain part of machine's hostname"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1598
+#: sssd.conf.5.xml:1678
msgid "override_gid (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1601
+#: sssd.conf.5.xml:1681
msgid "Override the primary GID value with the one specified."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1607
+#: sssd.conf.5.xml:1687
msgid "case_sensitive (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1610
+#: sssd.conf.5.xml:1690
msgid ""
"Treat user and group names as case sensitive. At the moment, this option is "
"not supported in the local provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1615 sssd-ad.5.xml:227
+#: sssd.conf.5.xml:1695 sssd-ad.5.xml:239
msgid "Default: True"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1621
+#: sssd.conf.5.xml:1701
msgid "proxy_fast_alias (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1624
+#: sssd.conf.5.xml:1704
msgid ""
"When a user or group is looked up by name in the proxy provider, a second "
"lookup by ID is performed to \"canonicalize\" the name in case the requested "
@@ -1952,22 +2009,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1638
+#: sssd.conf.5.xml:1718
msgid "subdomain_homedir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1648
+#: sssd.conf.5.xml:1728
msgid "%F"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1649
+#: sssd.conf.5.xml:1729
msgid "flat (NetBIOS) name of a subdomain."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1641
+#: sssd.conf.5.xml:1721
msgid ""
"Use this homedir as default value for all subdomains within this domain. See "
"<emphasis>override_homedir</emphasis> for info about possible values. In "
@@ -1977,18 +2034,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1654
+#: sssd.conf.5.xml:1734
msgid ""
"The value can be overridden by <emphasis>override_homedir</emphasis> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1658
+#: sssd.conf.5.xml:1738
msgid "Default: <filename>/home/%d/%u</filename>"
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd.conf.5.xml:1743
+msgid "realmd_tags (string)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd.conf.5.xml:1746
+msgid ""
+"Various tags stored by the realmd configuration service for this domain."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:868
+#: sssd.conf.5.xml:897
msgid ""
"These configuration options can be present in a domain configuration "
"section, that is, in a section called <quote>[domain/<replaceable>NAME</"
@@ -1996,29 +2064,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1670
+#: sssd.conf.5.xml:1759
msgid "proxy_pam_target (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1673
+#: sssd.conf.5.xml:1762
msgid "The proxy target PAM proxies to."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1676
+#: sssd.conf.5.xml:1765
msgid ""
"Default: not set by default, you have to take an existing pam configuration "
"or create a new one and add the service name here."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1684
+#: sssd.conf.5.xml:1773
msgid "proxy_lib_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1687
+#: sssd.conf.5.xml:1776
msgid ""
"The name of the NSS library to use in proxy domains. The NSS functions "
"searched for in the library are in the form of _nss_$(libName)_$(function), "
@@ -2026,19 +2094,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1666
+#: sssd.conf.5.xml:1755
msgid ""
"Options valid for proxy domains. <placeholder type=\"variablelist\" id="
"\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><title>
-#: sssd.conf.5.xml:1699
+#: sssd.conf.5.xml:1788
msgid "The local domain section"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><para>
-#: sssd.conf.5.xml:1701
+#: sssd.conf.5.xml:1790
msgid ""
"This section contains settings for domain that stores users and groups in "
"SSSD native database, that is, a domain that uses "
@@ -2046,73 +2114,73 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1708
+#: sssd.conf.5.xml:1797
msgid "default_shell (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1711
+#: sssd.conf.5.xml:1800
msgid "The default shell for users created with SSSD userspace tools."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1715
+#: sssd.conf.5.xml:1804
msgid "Default: <filename>/bin/bash</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1720
+#: sssd.conf.5.xml:1809
msgid "base_directory (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1723
+#: sssd.conf.5.xml:1812
msgid ""
"The tools append the login name to <replaceable>base_directory</replaceable> "
"and use that as the home directory."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1728
+#: sssd.conf.5.xml:1817
msgid "Default: <filename>/home</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1733
+#: sssd.conf.5.xml:1822
msgid "create_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1736
+#: sssd.conf.5.xml:1825
msgid ""
"Indicate if a home directory should be created by default for new users. "
"Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1740 sssd.conf.5.xml:1752
+#: sssd.conf.5.xml:1829 sssd.conf.5.xml:1841
msgid "Default: TRUE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1745
+#: sssd.conf.5.xml:1834
msgid "remove_homedir (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1748
+#: sssd.conf.5.xml:1837
msgid ""
"Indicate if a home directory should be removed by default for deleted "
"users. Can be overridden on command line."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1757
+#: sssd.conf.5.xml:1846
msgid "homedir_umask (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1760
+#: sssd.conf.5.xml:1849
msgid ""
"Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> "
"<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions "
@@ -2120,17 +2188,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1768
+#: sssd.conf.5.xml:1857
msgid "Default: 077"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1773
+#: sssd.conf.5.xml:1862
msgid "skel_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1776
+#: sssd.conf.5.xml:1865
msgid ""
"The skeleton directory, which contains files and directories to be copied in "
"the user's home directory, when the home directory is created by "
@@ -2139,17 +2207,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1786
+#: sssd.conf.5.xml:1875
msgid "Default: <filename>/etc/skel</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1791
+#: sssd.conf.5.xml:1880
msgid "mail_dir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1794
+#: sssd.conf.5.xml:1883
msgid ""
"The mail spool directory. This is needed to manipulate the mailbox when its "
"corresponding user account is modified or deleted. If not specified, a "
@@ -2157,17 +2225,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1801
+#: sssd.conf.5.xml:1890
msgid "Default: <filename>/var/mail</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term>
-#: sssd.conf.5.xml:1806
+#: sssd.conf.5.xml:1895
msgid "userdel_cmd (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1809
+#: sssd.conf.5.xml:1898
msgid ""
"The command that is run after a user is removed. The command us passed the "
"username of the user being removed as the first and only parameter. The "
@@ -2175,18 +2243,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para>
-#: sssd.conf.5.xml:1815
+#: sssd.conf.5.xml:1904
msgid "Default: None, no command is run"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd.conf.5.xml:1825 sssd-ldap.5.xml:2308 sssd-simple.5.xml:131
-#: sssd-ipa.5.xml:736 sssd-ad.5.xml:276 sssd-krb5.5.xml:478
+#: sssd.conf.5.xml:1914 sssd-ldap.5.xml:2378 sssd-simple.5.xml:131
+#: sssd-ipa.5.xml:740 sssd-ad.5.xml:288 sssd-krb5.5.xml:506
msgid "EXAMPLE"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd.conf.5.xml:1831
+#: sssd.conf.5.xml:1920
#, no-wrap
msgid ""
"[sssd]\n"
@@ -2216,7 +2284,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd.conf.5.xml:1827
+#: sssd.conf.5.xml:1916
msgid ""
"The following example shows a typical SSSD config. It does not describe "
"configuration of the domains themselves - refer to documentation on "
@@ -2557,7 +2625,7 @@ msgid "The LDAP attribute that corresponds to the user's primary group id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:778
+#: sssd-ldap.5.xml:296 sssd-ldap.5.xml:792
msgid "Default: gidNumber"
msgstr ""
@@ -2617,7 +2685,7 @@ msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:804 sssd-ldap.5.xml:990
+#: sssd-ldap.5.xml:348 sssd-ldap.5.xml:818 sssd-ldap.5.xml:1004
msgid "Default: nsUniqueId"
msgstr ""
@@ -2634,7 +2702,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:818
+#: sssd-ldap.5.xml:362 sssd-ldap.5.xml:832
msgid "Default: objectSid for ActiveDirectory, not set for other servers."
msgstr ""
@@ -2644,14 +2712,14 @@ msgid "ldap_user_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:828 sssd-ldap.5.xml:999
+#: sssd-ldap.5.xml:372 sssd-ldap.5.xml:842 sssd-ldap.5.xml:1013
msgid ""
"The LDAP attribute that contains timestamp of the last modification of the "
"parent object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:832 sssd-ldap.5.xml:1006
+#: sssd-ldap.5.xml:376 sssd-ldap.5.xml:846 sssd-ldap.5.xml:1020
msgid "Default: modifyTimestamp"
msgstr ""
@@ -2988,9 +3056,9 @@ msgid "The LDAP attribute that corresponds to the user's full name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:765 sssd-ldap.5.xml:940
-#: sssd-ldap.5.xml:1031 sssd-ldap.5.xml:1872 sssd-ldap.5.xml:2198
-#: sssd-ipa.5.xml:591
+#: sssd-ldap.5.xml:686 sssd-ldap.5.xml:779 sssd-ldap.5.xml:954
+#: sssd-ldap.5.xml:1045 sssd-ldap.5.xml:1942 sssd-ldap.5.xml:2268
+#: sssd-ipa.5.xml:595
msgid "Default: cn"
msgstr ""
@@ -3005,7 +3073,7 @@ msgid "The LDAP attribute that lists the user's group memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:495
+#: sssd-ldap.5.xml:699 sssd-ipa.5.xml:499
msgid "Default: memberOf"
msgstr ""
@@ -3031,16 +3099,24 @@ msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
#: sssd-ldap.5.xml:720
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>authorized_service</quote> in order for the "
+"ldap_user_authorized_service option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:727
msgid "Default: authorizedService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:726
+#: sssd-ldap.5.xml:733
msgid "ldap_user_authorized_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:729
+#: sssd-ldap.5.xml:736
msgid ""
"If access_provider=ldap and ldap_access_order=host, SSSD will use the "
"presence of the host attribute in the user's LDAP entry to determine access "
@@ -3048,101 +3124,109 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:735
+#: sssd-ldap.5.xml:742
msgid ""
"An explicit deny (!host) is resolved first. Second, SSSD searches for "
"explicit allow (host) and finally for allow_all (*)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:740
+#: sssd-ldap.5.xml:747
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>host</quote> in order for the "
+"ldap_user_authorized_host option to work."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:754
msgid "Default: host"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:746
+#: sssd-ldap.5.xml:760
msgid "ldap_group_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:749
+#: sssd-ldap.5.xml:763
msgid "The object class of a group entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:752
+#: sssd-ldap.5.xml:766
msgid "Default: posixGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:758
+#: sssd-ldap.5.xml:772
msgid "ldap_group_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:761
+#: sssd-ldap.5.xml:775
msgid "The LDAP attribute that corresponds to the group name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:771
+#: sssd-ldap.5.xml:785
msgid "ldap_group_gid_number (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:774
+#: sssd-ldap.5.xml:788
msgid "The LDAP attribute that corresponds to the group's id."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:784
+#: sssd-ldap.5.xml:798
msgid "ldap_group_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:787
+#: sssd-ldap.5.xml:801
msgid "The LDAP attribute that contains the names of the group's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:791
+#: sssd-ldap.5.xml:805
msgid "Default: memberuid (rfc2307) / member (rfc2307bis)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:797
+#: sssd-ldap.5.xml:811
msgid "ldap_group_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:800
+#: sssd-ldap.5.xml:814
msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:810
+#: sssd-ldap.5.xml:824
msgid "ldap_group_objectsid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:813
+#: sssd-ldap.5.xml:827
msgid ""
"The LDAP attribute that contains the objectSID of an LDAP group object. This "
"is usually only necessary for ActiveDirectory servers."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:825
+#: sssd-ldap.5.xml:839
msgid "ldap_group_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:838
+#: sssd-ldap.5.xml:852
msgid "ldap_group_nesting_level (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:841
+#: sssd-ldap.5.xml:855
msgid ""
"If ldap_schema is set to a schema format that supports nested groups (e.g. "
"RFC2307bis), then this option controls how many levels of nesting SSSD will "
@@ -3150,17 +3234,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:848
+#: sssd-ldap.5.xml:862
msgid "Default: 2"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:854
+#: sssd-ldap.5.xml:868
msgid "ldap_groups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:857
+#: sssd-ldap.5.xml:871
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which may speed up group lookup operations on deployments with "
@@ -3168,14 +3252,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:863
+#: sssd-ldap.5.xml:877
msgid ""
"In most common cases, it is best to leave this option disabled. It generally "
"only provides a performance increase on very complex nestings."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:868 sssd-ldap.5.xml:895
+#: sssd-ldap.5.xml:882 sssd-ldap.5.xml:909
msgid ""
"If this option is enabled, SSSD will use it if it detects that the server "
"supports it during initial connection. So \"True\" here essentially means "
@@ -3183,7 +3267,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:874 sssd-ldap.5.xml:901
+#: sssd-ldap.5.xml:888 sssd-ldap.5.xml:915
msgid ""
"Note: This feature is currently known to work only with Active Directory "
"2008 R1 and later. See <ulink url=\"http://msdn.microsoft.com/en-us/library/"
@@ -3192,18 +3276,18 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:880 sssd-ldap.5.xml:907 sssd-ldap.5.xml:1198
-#: sssd-ldap.5.xml:1650 include/ldap_id_mapping.xml:184
+#: sssd-ldap.5.xml:894 sssd-ldap.5.xml:921 sssd-ldap.5.xml:1212
+#: sssd-ldap.5.xml:1233 sssd-ldap.5.xml:1713 include/ldap_id_mapping.xml:184
msgid "Default: False"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:886
+#: sssd-ldap.5.xml:900
msgid "ldap_initgroups_use_matching_rule_in_chain"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:889
+#: sssd-ldap.5.xml:903
msgid ""
"This option tells SSSD to take advantage of an Active Directory-specific "
"feature which might speed up initgroups operations (most notably when "
@@ -3211,172 +3295,172 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:913
+#: sssd-ldap.5.xml:927
msgid "ldap_netgroup_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:916
+#: sssd-ldap.5.xml:930
msgid "The object class of a netgroup entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:919
+#: sssd-ldap.5.xml:933
msgid "In IPA provider, ipa_netgroup_object_class should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:923
+#: sssd-ldap.5.xml:937
msgid "Default: nisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:929
+#: sssd-ldap.5.xml:943
msgid "ldap_netgroup_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:932
+#: sssd-ldap.5.xml:946
msgid "The LDAP attribute that corresponds to the netgroup name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:936
+#: sssd-ldap.5.xml:950
msgid "In IPA provider, ipa_netgroup_name should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:946
+#: sssd-ldap.5.xml:960
msgid "ldap_netgroup_member (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:949
+#: sssd-ldap.5.xml:963
msgid "The LDAP attribute that contains the names of the netgroup's members."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:953
+#: sssd-ldap.5.xml:967
msgid "In IPA provider, ipa_netgroup_member should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:957
+#: sssd-ldap.5.xml:971
msgid "Default: memberNisNetgroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:963
+#: sssd-ldap.5.xml:977
msgid "ldap_netgroup_triple (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:966
+#: sssd-ldap.5.xml:980
msgid ""
"The LDAP attribute that contains the (host, user, domain) netgroup triples."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:970 sssd-ldap.5.xml:1003
+#: sssd-ldap.5.xml:984 sssd-ldap.5.xml:1017
msgid "This option is not available in IPA provider."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:973
+#: sssd-ldap.5.xml:987
msgid "Default: nisNetgroupTriple"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:979
+#: sssd-ldap.5.xml:993
msgid "ldap_netgroup_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:982
+#: sssd-ldap.5.xml:996
msgid ""
"The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:986
+#: sssd-ldap.5.xml:1000
msgid "In IPA provider, ipa_netgroup_uuid should be used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:996
+#: sssd-ldap.5.xml:1010
msgid "ldap_netgroup_modify_timestamp (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1012
+#: sssd-ldap.5.xml:1026
msgid "ldap_service_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1015
+#: sssd-ldap.5.xml:1029
msgid "The object class of a service entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1018
+#: sssd-ldap.5.xml:1032
msgid "Default: ipService"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1024
+#: sssd-ldap.5.xml:1038
msgid "ldap_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1027
+#: sssd-ldap.5.xml:1041
msgid ""
"The LDAP attribute that contains the name of service attributes and their "
"aliases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1037
+#: sssd-ldap.5.xml:1051
msgid "ldap_service_port (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1040
+#: sssd-ldap.5.xml:1054
msgid "The LDAP attribute that contains the port managed by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1044
+#: sssd-ldap.5.xml:1058
msgid "Default: ipServicePort"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1050
+#: sssd-ldap.5.xml:1064
msgid "ldap_service_proto (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1053
+#: sssd-ldap.5.xml:1067
msgid ""
"The LDAP attribute that contains the protocols understood by this service."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1057
+#: sssd-ldap.5.xml:1071
msgid "Default: ipServiceProtocol"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1063
+#: sssd-ldap.5.xml:1077
msgid "ldap_service_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1068
+#: sssd-ldap.5.xml:1082
msgid "ldap_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1071
+#: sssd-ldap.5.xml:1085
msgid ""
"Specifies the timeout (in seconds) that ldap searches are allowed to run "
"before they are cancelled and cached results are returned (and offline mode "
@@ -3384,7 +3468,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1077
+#: sssd-ldap.5.xml:1091
msgid ""
"Note: this option is subject to change in future versions of the SSSD. It "
"will likely be replaced at some point by a series of timeouts for specific "
@@ -3392,18 +3476,18 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1083 sssd-ldap.5.xml:1125 sssd-ldap.5.xml:1140
+#: sssd-ldap.5.xml:1097 sssd-ldap.5.xml:1139 sssd-ldap.5.xml:1154
#: sssd-krb5.5.xml:226
msgid "Default: 6"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1089
+#: sssd-ldap.5.xml:1103
msgid "ldap_enumeration_search_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1092
+#: sssd-ldap.5.xml:1106
msgid ""
"Specifies the timeout (in seconds) that ldap searches for user and group "
"enumerations are allowed to run before they are cancelled and cached results "
@@ -3411,12 +3495,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1105
+#: sssd-ldap.5.xml:1119
msgid "ldap_network_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1108
+#: sssd-ldap.5.xml:1122
msgid ""
"Specifies the timeout (in seconds) after which the <citerefentry> "
"<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/"
@@ -3427,12 +3511,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1131
+#: sssd-ldap.5.xml:1145
msgid "ldap_opt_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1134
+#: sssd-ldap.5.xml:1148
msgid ""
"Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs "
"will abort if no response is received. Also controls the timeout when "
@@ -3440,12 +3524,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1146
+#: sssd-ldap.5.xml:1160
msgid "ldap_connection_expire_timeout (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1149
+#: sssd-ldap.5.xml:1163
msgid ""
"Specifies a timeout (in seconds) that a connection to an LDAP server will be "
"maintained. After this time, the connection will be re-established. If used "
@@ -3454,34 +3538,34 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1157 sssd-ldap.5.xml:2029
+#: sssd-ldap.5.xml:1171 sssd-ldap.5.xml:2099
msgid "Default: 900 (15 minutes)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1163
+#: sssd-ldap.5.xml:1177
msgid "ldap_page_size (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1166
+#: sssd-ldap.5.xml:1180
msgid ""
"Specify the number of records to retrieve from LDAP in a single request. "
"Some LDAP servers enforce a maximum limit per-request."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1171
+#: sssd-ldap.5.xml:1185
msgid "Default: 1000"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1177
+#: sssd-ldap.5.xml:1191
msgid "ldap_disable_paging (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1180
+#: sssd-ldap.5.xml:1194
msgid ""
"Disable the LDAP paging control. This option should be used if the LDAP "
"server reports that it supports the LDAP paging control in its RootDSE but "
@@ -3489,14 +3573,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1186
+#: sssd-ldap.5.xml:1200
msgid ""
"Example: OpenLDAP servers with the paging control module installed on the "
"server but not enabled will report it in the RootDSE but be unable to use it."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1192
+#: sssd-ldap.5.xml:1206
msgid ""
"Example: 389 DS has a bug where it can only support a one paging control at "
"a time on a single connection. On busy clients, this can result in some "
@@ -3504,12 +3588,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1204
+#: sssd-ldap.5.xml:1218
+msgid "ldap_disable_range_retrieval (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1221
+msgid "Disable Active Directory range retrieval."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1224
+msgid ""
+"Active Directory limits the number of members to be retrieved in a single "
+"lookup using the MaxValRange policy (which defaults to 1500 members). If a "
+"group contains more members, the reply would include an AD-specific range "
+"extension. This option disables parsing of the range extension, therefore "
+"large groups will appear as having no members."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1239
msgid "ldap_sasl_minssf (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1207
+#: sssd-ldap.5.xml:1242
msgid ""
"When communicating with an LDAP server using SASL, specify the minimum "
"security level necessary to establish the connection. The values of this "
@@ -3517,17 +3621,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1213
+#: sssd-ldap.5.xml:1248
msgid "Default: Use the system default (usually specified by ldap.conf)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1220
+#: sssd-ldap.5.xml:1255
msgid "ldap_deref_threshold (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1223
+#: sssd-ldap.5.xml:1258
msgid ""
"Specify the number of group members that must be missing from the internal "
"cache in order to trigger a dereference lookup. If less members are missing, "
@@ -3535,13 +3639,13 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1229
+#: sssd-ldap.5.xml:1264
msgid ""
"You can turn off dereference lookups completely by setting the value to 0."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1233
+#: sssd-ldap.5.xml:1268
msgid ""
"A dereference lookup is a means of fetching all group members in a single "
"LDAP call. Different LDAP servers may implement different dereference "
@@ -3550,7 +3654,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1241
+#: sssd-ldap.5.xml:1276
msgid ""
"<emphasis>Note:</emphasis> If any of the search bases specifies a search "
"filter, then the dereference lookup performance enhancement will be disabled "
@@ -3558,26 +3662,26 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1254
+#: sssd-ldap.5.xml:1289
msgid "ldap_tls_reqcert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1257
+#: sssd-ldap.5.xml:1292
msgid ""
"Specifies what checks to perform on server certificates in a TLS session, if "
"any. It can be specified as one of the following values:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1263
+#: sssd-ldap.5.xml:1298
msgid ""
"<emphasis>never</emphasis> = The client will not request or check any server "
"certificate."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1267
+#: sssd-ldap.5.xml:1302
msgid ""
"<emphasis>allow</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3585,7 +3689,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1274
+#: sssd-ldap.5.xml:1309
msgid ""
"<emphasis>try</emphasis> = The server certificate is requested. If no "
"certificate is provided, the session proceeds normally. If a bad certificate "
@@ -3593,7 +3697,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1280
+#: sssd-ldap.5.xml:1315
msgid ""
"<emphasis>demand</emphasis> = The server certificate is requested. If no "
"certificate is provided, or a bad certificate is provided, the session is "
@@ -3601,41 +3705,41 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1286
+#: sssd-ldap.5.xml:1321
msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1290
+#: sssd-ldap.5.xml:1325
msgid "Default: hard"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1296
+#: sssd-ldap.5.xml:1331
msgid "ldap_tls_cacert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1299
+#: sssd-ldap.5.xml:1334
msgid ""
"Specifies the file that contains certificates for all of the Certificate "
"Authorities that <command>sssd</command> will recognize."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1304 sssd-ldap.5.xml:1322 sssd-ldap.5.xml:1363
+#: sssd-ldap.5.xml:1339 sssd-ldap.5.xml:1357 sssd-ldap.5.xml:1398
msgid ""
"Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap."
"conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1311
+#: sssd-ldap.5.xml:1346
msgid "ldap_tls_cacertdir (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1314
+#: sssd-ldap.5.xml:1349
msgid ""
"Specifies the path of a directory that contains Certificate Authority "
"certificates in separate individual files. Typically the file names need to "
@@ -3644,32 +3748,32 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1329
+#: sssd-ldap.5.xml:1364
msgid "ldap_tls_cert (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1332
+#: sssd-ldap.5.xml:1367
msgid "Specifies the file that contains the certificate for the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1342
+#: sssd-ldap.5.xml:1377
msgid "ldap_tls_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1345
+#: sssd-ldap.5.xml:1380
msgid "Specifies the file that contains the client's key."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1354
+#: sssd-ldap.5.xml:1389
msgid "ldap_tls_cipher_suite (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1357
+#: sssd-ldap.5.xml:1392
msgid ""
"Specifies acceptable cipher suites. Typically this is a colon sperated "
"list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> "
@@ -3677,24 +3781,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1370
+#: sssd-ldap.5.xml:1405
msgid "ldap_id_use_start_tls (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1373
+#: sssd-ldap.5.xml:1408
msgid ""
"Specifies that the id_provider connection must also use <systemitem class="
"\"protocol\">tls</systemitem> to protect the channel."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1383
+#: sssd-ldap.5.xml:1418
msgid "ldap_id_mapping (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1386
+#: sssd-ldap.5.xml:1421
msgid ""
"Specifies that SSSD should attempt to map user and group IDs from the "
"ldap_user_objectsid and ldap_group_objectsid attributes instead of relying "
@@ -3702,29 +3806,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1392
+#: sssd-ldap.5.xml:1427
msgid "Currently this feature supports only ActiveDirectory objectSID mapping."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1402
+#: sssd-ldap.5.xml:1437
msgid "ldap_sasl_mech (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1405
+#: sssd-ldap.5.xml:1440
msgid ""
"Specify the SASL mechanism to use. Currently only GSSAPI is tested and "
"supported."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1415
+#: sssd-ldap.5.xml:1450
msgid "ldap_sasl_authid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1418
+#: sssd-ldap.5.xml:1453
msgid ""
"Specify the SASL authorization id to use. When GSSAPI is used, this "
"represents the Kerberos principal used for authentication to the directory. "
@@ -3733,17 +3837,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1426
+#: sssd-ldap.5.xml:1461
msgid "Default: host/hostname@REALM"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1432
+#: sssd-ldap.5.xml:1467
msgid "ldap_sasl_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1435
+#: sssd-ldap.5.xml:1470
msgid ""
"Specify the SASL realm to use. When not specified, this option defaults to "
"the value of krb5_realm. If the ldap_sasl_authid contains the realm as "
@@ -3751,49 +3855,49 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1441
+#: sssd-ldap.5.xml:1476
msgid "Default: the value of krb5_realm."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1447
+#: sssd-ldap.5.xml:1482
msgid "ldap_sasl_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1450
+#: sssd-ldap.5.xml:1485
msgid ""
"If set to true, the LDAP library would perform a reverse lookup to "
"canonicalize the host name during a SASL bind."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1455
+#: sssd-ldap.5.xml:1490
msgid "Default: false;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1461
+#: sssd-ldap.5.xml:1496
msgid "ldap_krb5_keytab (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1464
+#: sssd-ldap.5.xml:1499
msgid "Specify the keytab to use when using SASL/GSSAPI."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1467
+#: sssd-ldap.5.xml:1502
msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1473
+#: sssd-ldap.5.xml:1508
msgid "ldap_krb5_init_creds (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1476
+#: sssd-ldap.5.xml:1511
msgid ""
"Specifies that the id_provider should init Kerberos credentials (TGT). This "
"action is performed only if SASL is used and the mechanism selected is "
@@ -3801,27 +3905,27 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1488
+#: sssd-ldap.5.xml:1523
msgid "ldap_krb5_ticket_lifetime (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1491
+#: sssd-ldap.5.xml:1526
msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1495 sssd-ad.5.xml:213
+#: sssd-ldap.5.xml:1530 sssd-ad.5.xml:225
msgid "Default: 86400 (24 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1501 sssd-krb5.5.xml:74
+#: sssd-ldap.5.xml:1536 sssd-krb5.5.xml:74
msgid "krb5_server, krb5_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1504
+#: sssd-ldap.5.xml:1539
msgid ""
"Specifies the comma-separated list of IP addresses or hostnames of the "
"Kerberos servers to which SSSD should connect in the order of preference. "
@@ -3833,7 +3937,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1516 sssd-krb5.5.xml:89
+#: sssd-ldap.5.xml:1551 sssd-krb5.5.xml:89
msgid ""
"When using service discovery for KDC or kpasswd servers, SSSD first searches "
"for DNS entries that specify _udp as the protocol and falls back to _tcp if "
@@ -3841,7 +3945,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1521 sssd-krb5.5.xml:94
+#: sssd-ldap.5.xml:1556 sssd-krb5.5.xml:94
msgid ""
"This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. "
"While the legacy name is recognized for the time being, users are advised to "
@@ -3849,53 +3953,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1530 sssd-ipa.5.xml:367 sssd-krb5.5.xml:103
+#: sssd-ldap.5.xml:1565 sssd-ipa.5.xml:371 sssd-krb5.5.xml:103
msgid "krb5_realm (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1533
+#: sssd-ldap.5.xml:1568
msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1536
+#: sssd-ldap.5.xml:1571
msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1542 sssd-ipa.5.xml:382 sssd-krb5.5.xml:440
+#: sssd-ldap.5.xml:1577 sssd-ipa.5.xml:386 sssd-krb5.5.xml:440
msgid "krb5_canonicalize (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1545
+#: sssd-ldap.5.xml:1580
msgid ""
"Specifies if the host principal should be canonicalized when connecting to "
"LDAP server. This feature is available with MIT Kerberos >= 1.7"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1557
+#: sssd-ldap.5.xml:1592 sssd-krb5.5.xml:455
+msgid "krb5_use_kdcinfo (boolean)"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1595 sssd-krb5.5.xml:458
+msgid ""
+"Specifies if the SSSD should be instructing the Kerberos libraries what "
+"realm and which KDCs to use. This option is on by default, if you disable "
+"it, you need to configure the Kerberos library using the <citerefentry> "
+"<refentrytitle>krb5.conf</refentrytitle> <manvolnum>5</manvolnum> </"
+"citerefentry> configuration file."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1606 sssd-krb5.5.xml:469
+msgid ""
+"See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</"
+"refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more "
+"information on the locator plugin."
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
+#: sssd-ldap.5.xml:1620
msgid "ldap_pwd_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1560
+#: sssd-ldap.5.xml:1623
msgid ""
"Select the policy to evaluate the password expiration on the client side. "
"The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1565
+#: sssd-ldap.5.xml:1628
msgid ""
"<emphasis>none</emphasis> - No evaluation on the client side. This option "
"cannot disable server-side password policies."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1570
+#: sssd-ldap.5.xml:1633
msgid ""
"<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</"
"refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to "
@@ -3903,7 +4030,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1576
+#: sssd-ldap.5.xml:1639
msgid ""
"<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos "
"to determine if the password has expired. Use chpass_provider=krb5 to update "
@@ -3911,29 +4038,29 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1582
+#: sssd-ldap.5.xml:1645
msgid "Default: none"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1588
+#: sssd-ldap.5.xml:1651
msgid "ldap_referrals (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1591
+#: sssd-ldap.5.xml:1654
msgid "Specifies whether automatic referral chasing should be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1595
+#: sssd-ldap.5.xml:1658
msgid ""
"Please note that sssd only supports referral chasing when it is compiled "
"with OpenLDAP version 2.4.13 or higher."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1600
+#: sssd-ldap.5.xml:1663
msgid ""
"Chasing referrals may incur a performance penalty in environments that use "
"them heavily, a notable example is Microsoft Active Directory. If your setup "
@@ -3942,56 +4069,56 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1614
+#: sssd-ldap.5.xml:1677
msgid "ldap_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1617
+#: sssd-ldap.5.xml:1680
msgid "Specifies the service name to use when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1621
+#: sssd-ldap.5.xml:1684
msgid "Default: ldap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1627
+#: sssd-ldap.5.xml:1690
msgid "ldap_chpass_dns_service_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1630
+#: sssd-ldap.5.xml:1693
msgid ""
"Specifies the service name to use to find an LDAP server which allows "
"password changes when service discovery is enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1635
+#: sssd-ldap.5.xml:1698
msgid "Default: not set, i.e. service discovery is disabled"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1641
+#: sssd-ldap.5.xml:1704
msgid "ldap_chpass_update_last_change (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1644
+#: sssd-ldap.5.xml:1707
msgid ""
"Specifies whether to update the ldap_user_shadow_last_change attribute with "
"days since the Epoch after a password change operation."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1656
+#: sssd-ldap.5.xml:1719
msgid "ldap_access_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1659
+#: sssd-ldap.5.xml:1722
msgid ""
"If using access_provider = ldap and ldap_access_order = filter (default), "
"this option is mandatory. It specifies an LDAP search filter criteria that "
@@ -4002,12 +4129,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1671 sssd-ldap.5.xml:2258
+#: sssd-ldap.5.xml:1734 sssd-ldap.5.xml:2328
msgid "Example:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:1674
+#: sssd-ldap.5.xml:1737
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -4016,14 +4143,14 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1678
+#: sssd-ldap.5.xml:1741
msgid ""
"This example means that access to this host is restricted to members of the "
"\"allowedusers\" group in ldap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1683
+#: sssd-ldap.5.xml:1746
msgid ""
"Offline caching for this feature is limited to determining whether the "
"user's last online login was granted access permission. If they were granted "
@@ -4032,24 +4159,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1691 sssd-ldap.5.xml:1741
+#: sssd-ldap.5.xml:1754 sssd-ldap.5.xml:1811
msgid "Default: Empty"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1697
+#: sssd-ldap.5.xml:1760
msgid "ldap_account_expire_policy (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1700
+#: sssd-ldap.5.xml:1763
msgid ""
"With this option a client side evaluation of access control attributes can "
"be enabled."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1704
+#: sssd-ldap.5.xml:1767
msgid ""
"Please note that it is always recommended to use server side access control, "
"i.e. the LDAP server should deny the bind request with a suitable error code "
@@ -4057,19 +4184,19 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1711
+#: sssd-ldap.5.xml:1774
msgid "The following values are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1714
+#: sssd-ldap.5.xml:1777
msgid ""
"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to "
"determine if the account is expired."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1719
+#: sssd-ldap.5.xml:1782
msgid ""
"<emphasis>ad</emphasis>: use the value of the 32bit field "
"ldap_user_ad_user_account_control and allow access if the second bit is not "
@@ -4078,7 +4205,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1726
+#: sssd-ldap.5.xml:1789
msgid ""
"<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</"
"emphasis>: use the value of ldap_ns_account_lock to check if access is "
@@ -4086,7 +4213,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1732
+#: sssd-ldap.5.xml:1795
msgid ""
"<emphasis>nds</emphasis>: the values of "
"ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and "
@@ -4094,109 +4221,117 @@ msgid ""
"If both attributes are missing access is granted."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ldap.5.xml:1804
+msgid ""
+"Please note that the ldap_access_order configuration option <emphasis>must</"
+"emphasis> include <quote>expire</quote> in order for the "
+"ldap_account_expire_policy option to work."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1747
+#: sssd-ldap.5.xml:1817
msgid "ldap_access_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1750
+#: sssd-ldap.5.xml:1820
msgid "Comma separated list of access control options. Allowed values are:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1754
+#: sssd-ldap.5.xml:1824
msgid "<emphasis>filter</emphasis>: use ldap_access_filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1757
+#: sssd-ldap.5.xml:1827
msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1761
+#: sssd-ldap.5.xml:1831
msgid ""
"<emphasis>authorized_service</emphasis>: use the authorizedService attribute "
"to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1766
+#: sssd-ldap.5.xml:1836
msgid "<emphasis>host</emphasis>: use the host attribute to determine access"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1770
+#: sssd-ldap.5.xml:1840
msgid "Default: filter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1773
+#: sssd-ldap.5.xml:1843
msgid ""
"Please note that it is a configuration error if a value is used more than "
"once."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1780
+#: sssd-ldap.5.xml:1850
msgid "ldap_deref (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1783
+#: sssd-ldap.5.xml:1853
msgid ""
"Specifies how alias dereferencing is done when performing a search. The "
"following options are allowed:"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1788
+#: sssd-ldap.5.xml:1858
msgid "<emphasis>never</emphasis>: Aliases are never dereferenced."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1792
+#: sssd-ldap.5.xml:1862
msgid ""
"<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of "
"the base object, but not in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1797
+#: sssd-ldap.5.xml:1867
msgid ""
"<emphasis>finding</emphasis>: Aliases are only dereferenced when locating "
"the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1802
+#: sssd-ldap.5.xml:1872
msgid ""
"<emphasis>always</emphasis>: Aliases are dereferenced both in searching and "
"in locating the base object of the search."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1807
+#: sssd-ldap.5.xml:1877
msgid ""
"Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP "
"client libraries)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1815
+#: sssd-ldap.5.xml:1885
msgid "ldap_rfc2307_fallback_to_local_users (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1818
+#: sssd-ldap.5.xml:1888
msgid ""
"Allows to retain local users as members of an LDAP group for servers that "
"use the RFC2307 schema."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1822
+#: sssd-ldap.5.xml:1892
msgid ""
"In some environments where the RFC2307 schema is used, local users are made "
"members of LDAP groups by adding their names to the memberUid attribute. "
@@ -4207,7 +4342,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1833
+#: sssd-ldap.5.xml:1903
msgid ""
"This option falls back to checking if local users are referenced, and caches "
"them so that later initgroups() calls will augment the local users with the "
@@ -4225,213 +4360,213 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:1849
+#: sssd-ldap.5.xml:1919
msgid "SUDO OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1853
+#: sssd-ldap.5.xml:1923
msgid "ldap_sudorule_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1856
+#: sssd-ldap.5.xml:1926
msgid "The object class of a sudo rule entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1859
+#: sssd-ldap.5.xml:1929
msgid "Default: sudoRole"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1865
+#: sssd-ldap.5.xml:1935
msgid "ldap_sudorule_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1868
+#: sssd-ldap.5.xml:1938
msgid "The LDAP attribute that corresponds to the sudo rule name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1878
+#: sssd-ldap.5.xml:1948
msgid "ldap_sudorule_command (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1881
+#: sssd-ldap.5.xml:1951
msgid "The LDAP attribute that corresponds to the command name."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1885
+#: sssd-ldap.5.xml:1955
msgid "Default: sudoCommand"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1891
+#: sssd-ldap.5.xml:1961
msgid "ldap_sudorule_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1894
+#: sssd-ldap.5.xml:1964
msgid ""
"The LDAP attribute that corresponds to the host name (or host IP address, "
"host IP network, or host netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1899
+#: sssd-ldap.5.xml:1969
msgid "Default: sudoHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1905
+#: sssd-ldap.5.xml:1975
msgid "ldap_sudorule_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1908
+#: sssd-ldap.5.xml:1978
msgid ""
"The LDAP attribute that corresponds to the user name (or UID, group name or "
"user's netgroup)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1912
+#: sssd-ldap.5.xml:1982
msgid "Default: sudoUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1918
+#: sssd-ldap.5.xml:1988
msgid "ldap_sudorule_option (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1921
+#: sssd-ldap.5.xml:1991
msgid "The LDAP attribute that corresponds to the sudo options."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1925
+#: sssd-ldap.5.xml:1995
msgid "Default: sudoOption"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1931
+#: sssd-ldap.5.xml:2001
msgid "ldap_sudorule_runasuser (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1934
+#: sssd-ldap.5.xml:2004
msgid ""
"The LDAP attribute that corresponds to the user name that commands may be "
"run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1938
+#: sssd-ldap.5.xml:2008
msgid "Default: sudoRunAsUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1944
+#: sssd-ldap.5.xml:2014
msgid "ldap_sudorule_runasgroup (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1947
+#: sssd-ldap.5.xml:2017
msgid ""
"The LDAP attribute that corresponds to the group name or group GID that "
"commands may be run as."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1951
+#: sssd-ldap.5.xml:2021
msgid "Default: sudoRunAsGroup"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1957
+#: sssd-ldap.5.xml:2027
msgid "ldap_sudorule_notbefore (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1960
+#: sssd-ldap.5.xml:2030
msgid ""
"The LDAP attribute that corresponds to the start date/time for when the sudo "
"rule is valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1964
+#: sssd-ldap.5.xml:2034
msgid "Default: sudoNotBefore"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1970
+#: sssd-ldap.5.xml:2040
msgid "ldap_sudorule_notafter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1973
+#: sssd-ldap.5.xml:2043
msgid ""
"The LDAP attribute that corresponds to the expiration date/time, after which "
"the sudo rule will no longer be valid."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1978
+#: sssd-ldap.5.xml:2048
msgid "Default: sudoNotAfter"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1984
+#: sssd-ldap.5.xml:2054
msgid "ldap_sudorule_order (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1987
+#: sssd-ldap.5.xml:2057
msgid "The LDAP attribute that corresponds to the ordering index of the rule."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:1991
+#: sssd-ldap.5.xml:2061
msgid "Default: sudoOrder"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:1997
+#: sssd-ldap.5.xml:2067
msgid "ldap_sudo_full_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2000
+#: sssd-ldap.5.xml:2070
msgid ""
"How many seconds SSSD will wait between executing a full refresh of sudo "
"rules (which downloads all rules that are stored on the server)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2005
+#: sssd-ldap.5.xml:2075
msgid ""
"The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </"
"emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2010
+#: sssd-ldap.5.xml:2080
msgid "Default: 21600 (6 hours)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2016
+#: sssd-ldap.5.xml:2086
msgid "ldap_sudo_smart_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2019
+#: sssd-ldap.5.xml:2089
msgid ""
"How many seconds SSSD has to wait before executing a smart refresh of sudo "
"rules (which downloads all rules that have USN higher than the highest USN "
@@ -4439,106 +4574,106 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2025
+#: sssd-ldap.5.xml:2095
msgid ""
"If USN attributes are not supported by the server, the modifyTimestamp "
"attribute is used instead."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2035
+#: sssd-ldap.5.xml:2105
msgid "ldap_sudo_use_host_filter (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2038
+#: sssd-ldap.5.xml:2108
msgid ""
"If true, SSSD will download only rules that are applicable to this machine "
"(using the IPv4 or IPv6 host/network addresses and hostnames)."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2049
+#: sssd-ldap.5.xml:2119
msgid "ldap_sudo_hostnames (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2052
+#: sssd-ldap.5.xml:2122
msgid ""
"Space separated list of hostnames or fully qualified domain names that "
"should be used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2057
+#: sssd-ldap.5.xml:2127
msgid ""
"If this option is empty, SSSD will try to discover the hostname and the "
"fully qualified domain name automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2062 sssd-ldap.5.xml:2085 sssd-ldap.5.xml:2103
-#: sssd-ldap.5.xml:2121
+#: sssd-ldap.5.xml:2132 sssd-ldap.5.xml:2155 sssd-ldap.5.xml:2173
+#: sssd-ldap.5.xml:2191
msgid ""
"If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</"
"emphasis> then this option has no effect."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2067 sssd-ldap.5.xml:2090
+#: sssd-ldap.5.xml:2137 sssd-ldap.5.xml:2160
msgid "Default: not specified"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2073
+#: sssd-ldap.5.xml:2143
msgid "ldap_sudo_ip (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2076
+#: sssd-ldap.5.xml:2146
msgid ""
"Space separated list of IPv4 or IPv6 host/network addresses that should be "
"used to filter the rules."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2081
+#: sssd-ldap.5.xml:2151
msgid ""
"If this option is empty, SSSD will try to discover the addresses "
"automatically."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2096
+#: sssd-ldap.5.xml:2166
msgid "ldap_sudo_include_netgroups (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2099
+#: sssd-ldap.5.xml:2169
msgid ""
"If true then SSSD will download every rule that contains a netgroup in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2114
+#: sssd-ldap.5.xml:2184
msgid "ldap_sudo_include_regexp (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2117
+#: sssd-ldap.5.xml:2187
msgid ""
"If true then SSSD will download every rule that contains a wildcard in "
"sudoHost attribute."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:1851
+#: sssd-ldap.5.xml:1921
msgid "<placeholder type=\"variablelist\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2133
+#: sssd-ldap.5.xml:2203
msgid ""
"This manual page only describes attribute name mapping. For detailed "
"explanation of sudo related attribute semantics, see <citerefentry> "
@@ -4547,76 +4682,76 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2143
+#: sssd-ldap.5.xml:2213
msgid "AUTOFS OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2145
+#: sssd-ldap.5.xml:2215
msgid ""
"Please note that the default values correspond to the default schema which "
"is RFC2307."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2151
+#: sssd-ldap.5.xml:2221
msgid "ldap_autofs_map_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2154 sssd-ldap.5.xml:2180
+#: sssd-ldap.5.xml:2224 sssd-ldap.5.xml:2250
msgid "The object class of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2157 sssd-ldap.5.xml:2184
+#: sssd-ldap.5.xml:2227 sssd-ldap.5.xml:2254
msgid "Default: automountMap"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2164
+#: sssd-ldap.5.xml:2234
msgid "ldap_autofs_map_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2167
+#: sssd-ldap.5.xml:2237
msgid "The name of an automount map entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2170
+#: sssd-ldap.5.xml:2240
msgid "Default: ou"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2177
+#: sssd-ldap.5.xml:2247
msgid "ldap_autofs_entry_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2191
+#: sssd-ldap.5.xml:2261
msgid "ldap_autofs_entry_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2194 sssd-ldap.5.xml:2208
+#: sssd-ldap.5.xml:2264 sssd-ldap.5.xml:2278
msgid ""
"The key of an automount entry in LDAP. The entry usually corresponds to a "
"mount point."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2205
+#: sssd-ldap.5.xml:2275
msgid "ldap_autofs_entry_value (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2212
+#: sssd-ldap.5.xml:2282
msgid "Default: automountInformation"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2149
+#: sssd-ldap.5.xml:2219
msgid ""
"<placeholder type=\"variablelist\" id=\"0\"/> <placeholder type="
"\"variablelist\" id=\"1\"/> <placeholder type=\"variablelist\" id=\"2\"/> "
@@ -4625,46 +4760,46 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2222
+#: sssd-ldap.5.xml:2292
msgid "ADVANCED OPTIONS"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2229
+#: sssd-ldap.5.xml:2299
msgid "ldap_netgroup_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2234
+#: sssd-ldap.5.xml:2304
msgid "ldap_user_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2239
+#: sssd-ldap.5.xml:2309
msgid "ldap_group_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2244
+#: sssd-ldap.5.xml:2314
msgid "ldap_user_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2247
+#: sssd-ldap.5.xml:2317
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict user searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2251
+#: sssd-ldap.5.xml:2321
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_user_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting>
-#: sssd-ldap.5.xml:2261
+#: sssd-ldap.5.xml:2331
#, no-wrap
msgid ""
" ldap_user_search_filter = (loginShell=/bin/tcsh)\n"
@@ -4672,43 +4807,43 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2264
+#: sssd-ldap.5.xml:2334
msgid ""
"This filter would restrict user searches to users that have their shell set "
"to /bin/tcsh."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2271
+#: sssd-ldap.5.xml:2341
msgid "ldap_group_search_filter (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2274
+#: sssd-ldap.5.xml:2344
msgid ""
"This option specifies an additional LDAP search filter criteria that "
"restrict group searches."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ldap.5.xml:2278
+#: sssd-ldap.5.xml:2348
msgid ""
"This option is <emphasis>deprecated</emphasis> in favor of the syntax used "
"by ldap_group_search_base."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2288
+#: sssd-ldap.5.xml:2358
msgid "ldap_sudo_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ldap.5.xml:2293
+#: sssd-ldap.5.xml:2363
msgid "ldap_autofs_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2224
+#: sssd-ldap.5.xml:2294
msgid ""
"These options are supported by LDAP domains, but they should be used with "
"caution. Please include them in your configuration only if you know what you "
@@ -4716,7 +4851,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2310
+#: sssd-ldap.5.xml:2380
msgid ""
"The following example assumes that SSSD is correctly configured and LDAP is "
"set to one of the domains in the <replaceable>[domains]</replaceable> "
@@ -4724,7 +4859,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ldap.5.xml:2316
+#: sssd-ldap.5.xml:2386
#, no-wrap
msgid ""
" [domain/LDAP]\n"
@@ -4737,20 +4872,20 @@ msgid ""
msgstr ""
#. type: Content of: <refsect1><refsect2><para>
-#: sssd-ldap.5.xml:2315 sssd-simple.5.xml:139 sssd-ipa.5.xml:744
-#: sssd-ad.5.xml:284 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:487
+#: sssd-ldap.5.xml:2385 sssd-simple.5.xml:139 sssd-ipa.5.xml:748
+#: sssd-ad.5.xml:296 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-krb5.5.xml:515
#: include/ldap_id_mapping.xml:63
msgid "<placeholder type=\"programlisting\" id=\"0\"/>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ldap.5.xml:2328 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:299
+#: sssd-ldap.5.xml:2398 sssd_krb5_locator_plugin.8.xml:61 sssd-ad.5.xml:311
#: sss_seed.8.xml:163
msgid "NOTES"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ldap.5.xml:2330
+#: sssd-ldap.5.xml:2400
msgid ""
"The descriptions of some of the configuration options in this manual page "
"are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> "
@@ -5185,7 +5320,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:116 sssd-ad.5.xml:156
+#: sssd-ipa.5.xml:116 sssd-ad.5.xml:162
msgid "dyndns_update (boolean)"
msgstr ""
@@ -5193,18 +5328,21 @@ msgstr ""
#: sssd-ipa.5.xml:119
msgid ""
"Optional. This option tells SSSD to automatically update the DNS server "
-"built into FreeIPA v2 with the IP address of this client."
+"built into FreeIPA v2 with the IP address of this client. The update is "
+"secured using GSS-TSIG. The IP address of the IPA LDAP connection is used "
+"for the updates, if it is not otherwise specified by using the "
+"<quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:124 sssd-ad.5.xml:164
+#: sssd-ipa.5.xml:128 sssd-ad.5.xml:176
msgid ""
"NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, "
"the default Kerberos realm must be set properly in /etc/krb5.conf"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:129
+#: sssd-ipa.5.xml:133
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_update</"
"emphasis> option, users should migrate to using <emphasis>dyndns_update</"
@@ -5212,12 +5350,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:141 sssd-ad.5.xml:175
+#: sssd-ipa.5.xml:145 sssd-ad.5.xml:187
msgid "dyndns_ttl (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:144 sssd-ad.5.xml:178
+#: sssd-ipa.5.xml:148 sssd-ad.5.xml:190
msgid ""
"The TTL to apply to the client DNS record when updating it. If "
"dyndns_update is false this has no effect. This will override the TTL "
@@ -5225,7 +5363,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:149
+#: sssd-ipa.5.xml:153
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_ttl</"
"emphasis> option, users should migrate to using <emphasis>dyndns_ttl</"
@@ -5233,24 +5371,24 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:155
+#: sssd-ipa.5.xml:159
msgid "Default: 1200 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:161 sssd-ad.5.xml:189
+#: sssd-ipa.5.xml:165 sssd-ad.5.xml:201
msgid "dyndns_iface (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:164 sssd-ad.5.xml:192
+#: sssd-ipa.5.xml:168 sssd-ad.5.xml:204
msgid ""
"Optional. Applicable only when dyndns_update is true. Choose the interface "
"whose IP address should be used for dynamic DNS updates."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:169
+#: sssd-ipa.5.xml:173
msgid ""
"NOTE: While it is still possible to use the old <emphasis>ipa_dyndns_iface</"
"emphasis> option, users should migrate to using <emphasis>dyndns_iface</"
@@ -5258,22 +5396,22 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:175 sssd-ad.5.xml:197
+#: sssd-ipa.5.xml:179
msgid "Default: Use the IP address of the IPA LDAP connection"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:181
+#: sssd-ipa.5.xml:185
msgid "ipa_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:184 sssd-ad.5.xml:138
+#: sssd-ipa.5.xml:188 sssd-ad.5.xml:142
msgid "Enables DNS sites - location based service discovery."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:188
+#: sssd-ipa.5.xml:192
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, then the SSSD will first attempt location "
@@ -5285,98 +5423,93 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:207 sssd-ad.5.xml:203
+#: sssd-ipa.5.xml:211 sssd-ad.5.xml:215
msgid "dyndns_refresh_interval (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:210 sssd-ad.5.xml:206
+#: sssd-ipa.5.xml:214 sssd-ad.5.xml:218
msgid ""
"How often should the back end perform periodic DNS update in addition to the "
"automatic update performed when the back end goes online. This option is "
"optional and applicable only when dyndns_update is true."
msgstr ""
-#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:217
-msgid "Default: 0 (disabled)"
-msgstr ""
-
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:223 sssd-ad.5.xml:219
+#: sssd-ipa.5.xml:227 sssd-ad.5.xml:231
msgid "dyndns_update_ptr (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:226 sssd-ad.5.xml:222
+#: sssd-ipa.5.xml:230 sssd-ad.5.xml:234
msgid ""
"Whether the PTR record should also be explicitly updated when updating the "
"client's DNS records. Applicable only when dyndns_update is true."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:231
+#: sssd-ipa.5.xml:235
msgid ""
-"This options should be False in most IPA deployments as the IPA server "
+"This option should be False in most IPA deployments as the IPA server "
"generates the PTR records automatically when forward records are changed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:237
+#: sssd-ipa.5.xml:241
msgid "Default: False (disabled)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:243 sssd-ad.5.xml:233
+#: sssd-ipa.5.xml:247 sssd-ad.5.xml:245
msgid "dyndns_force_tcp (bool)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:246 sssd-ad.5.xml:236
+#: sssd-ipa.5.xml:250 sssd-ad.5.xml:248
msgid ""
"Whether the nsupdate utility should default to using TCP for communicating "
"with the DNS server."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:250 sssd-ad.5.xml:240
+#: sssd-ipa.5.xml:254 sssd-ad.5.xml:252
msgid "Default: False (let nsupdate choose the protocol)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:256
+#: sssd-ipa.5.xml:260
msgid "ipa_hbac_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:259
+#: sssd-ipa.5.xml:263
msgid "Optional. Use the given string as search base for HBAC related objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:263
+#: sssd-ipa.5.xml:267
msgid "Default: Use base DN"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:269
+#: sssd-ipa.5.xml:273
msgid "ipa_host_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:272
+#: sssd-ipa.5.xml:276
msgid "Optional. Use the given string as search base for host objects."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:276 sssd-ipa.5.xml:300 sssd-ipa.5.xml:319 sssd-ipa.5.xml:338
+#: sssd-ipa.5.xml:280 sssd-ipa.5.xml:304 sssd-ipa.5.xml:323 sssd-ipa.5.xml:342
msgid ""
"See <quote>ldap_search_base</quote> for information about configuring "
"multiple search bases."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:281
+#: sssd-ipa.5.xml:285
msgid ""
"If filter is given in any of search bases and "
"<emphasis>ipa_hbac_support_srchost</emphasis> is set to False, the filter "
@@ -5384,86 +5517,86 @@ msgid ""
msgstr ""
#. type: Content of: <listitem><para>
-#: sssd-ipa.5.xml:286 sssd-ipa.5.xml:305 include/ldap_search_bases.xml:23
+#: sssd-ipa.5.xml:290 sssd-ipa.5.xml:309 include/ldap_search_bases.xml:23
#: include/ldap_search_bases_experimental.xml:23
msgid "Default: the value of <emphasis>ldap_search_base</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:293
+#: sssd-ipa.5.xml:297
msgid "ipa_selinux_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:296
+#: sssd-ipa.5.xml:300
msgid "Optional. Use the given string as search base for SELinux user maps."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:312
+#: sssd-ipa.5.xml:316
msgid "ipa_subdomains_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:315
+#: sssd-ipa.5.xml:319
msgid "Optional. Use the given string as search base for trusted domains."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:324
+#: sssd-ipa.5.xml:328
msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:331
+#: sssd-ipa.5.xml:335
msgid "ipa_master_domain_search_base (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:334
+#: sssd-ipa.5.xml:338
msgid "Optional. Use the given string as search base for master domain object."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:343
+#: sssd-ipa.5.xml:347
msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:350 sssd-krb5.5.xml:232
+#: sssd-ipa.5.xml:354 sssd-krb5.5.xml:232
msgid "krb5_validate (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:353
+#: sssd-ipa.5.xml:357
msgid ""
"Verify with the help of krb5_keytab that the TGT obtained has not been "
"spoofed."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:360 sssd-ad.5.xml:260
+#: sssd-ipa.5.xml:364 sssd-ad.5.xml:272
msgid ""
"Note that this default differs from the traditional Kerberos provider back "
"end."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:370
+#: sssd-ipa.5.xml:374
msgid ""
"The name of the Kerberos realm. This is optional and defaults to the value "
"of <quote>ipa_domain</quote>."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:374
+#: sssd-ipa.5.xml:378
msgid ""
"The name of the Kerberos realm has a special meaning in IPA - it is "
"converted into the base DN to use for performing LDAP operations."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:385
+#: sssd-ipa.5.xml:389
msgid ""
"Specifies if the host and user principal should be canonicalized when "
"connecting to IPA LDAP and also for AS requests. This feature is available "
@@ -5471,12 +5604,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:398
+#: sssd-ipa.5.xml:402
msgid "ipa_hbac_refresh (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:401
+#: sssd-ipa.5.xml:405
msgid ""
"The amount of time between lookups of the HBAC rules against the IPA server. "
"This will reduce the latency and load on the IPA server if there are many "
@@ -5484,17 +5617,17 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:408 sssd-ipa.5.xml:424
+#: sssd-ipa.5.xml:412 sssd-ipa.5.xml:428
msgid "Default: 5 (seconds)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:414
+#: sssd-ipa.5.xml:418
msgid "ipa_hbac_selinux (integer)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:417
+#: sssd-ipa.5.xml:421
msgid ""
"The amount of time between lookups of the SELinux maps against the IPA "
"server. This will reduce the latency and load on the IPA server if there are "
@@ -5502,12 +5635,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:430
+#: sssd-ipa.5.xml:434
msgid "ipa_hbac_treat_deny_as (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:433
+#: sssd-ipa.5.xml:437
msgid ""
"This option specifies how to treat the deprecated DENY-type HBAC rules. As "
"of FreeIPA v2.1, DENY rules are no longer supported on the server. All users "
@@ -5516,325 +5649,325 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:442
+#: sssd-ipa.5.xml:446
msgid ""
"<emphasis>DENY_ALL</emphasis>: If any HBAC DENY rules are detected, all "
"users will be denied access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:447
+#: sssd-ipa.5.xml:451
msgid ""
"<emphasis>IGNORE</emphasis>: SSSD will ignore any DENY rules. Be very "
"careful with this option, as it may result in opening unintended access."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:452
+#: sssd-ipa.5.xml:456
msgid "Default: DENY_ALL"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:457
+#: sssd-ipa.5.xml:461
msgid "ipa_hbac_support_srchost (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:460
+#: sssd-ipa.5.xml:464
msgid ""
"If this is set to false, then srchost as given to SSSD by PAM will be "
"ignored."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:464
+#: sssd-ipa.5.xml:468
msgid ""
"Note that if set to <emphasis>False</emphasis>, this option casuses filters "
"given in <emphasis>ipa_host_search_base</emphasis> to be ignored;"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:475
+#: sssd-ipa.5.xml:479
msgid "ipa_automount_location (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:478
+#: sssd-ipa.5.xml:482
msgid "The automounter location this IPA client will be using"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:481
+#: sssd-ipa.5.xml:485
msgid "Default: The location named \"default\""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:488
+#: sssd-ipa.5.xml:492
msgid "ipa_netgroup_member_of (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:491
+#: sssd-ipa.5.xml:495
msgid "The LDAP attribute that lists netgroup's memberships."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:500
+#: sssd-ipa.5.xml:504
msgid "ipa_netgroup_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:503
+#: sssd-ipa.5.xml:507
msgid ""
"The LDAP attribute that lists system users and groups that are direct "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:508 sssd-ipa.5.xml:603
+#: sssd-ipa.5.xml:512 sssd-ipa.5.xml:607
msgid "Default: memberUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:513
+#: sssd-ipa.5.xml:517
msgid "ipa_netgroup_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:516
+#: sssd-ipa.5.xml:520
msgid ""
"The LDAP attribute that lists hosts and host groups that are direct members "
"of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:520 sssd-ipa.5.xml:615
+#: sssd-ipa.5.xml:524 sssd-ipa.5.xml:619
msgid "Default: memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:525
+#: sssd-ipa.5.xml:529
msgid "ipa_netgroup_member_ext_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:528
+#: sssd-ipa.5.xml:532
msgid ""
"The LDAP attribute that lists FQDNs of hosts and host groups that are "
"members of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:532
+#: sssd-ipa.5.xml:536
msgid "Default: externalHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:537
+#: sssd-ipa.5.xml:541
msgid "ipa_netgroup_domain (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:540
+#: sssd-ipa.5.xml:544
msgid "The LDAP attribute that contains NIS domain name of the netgroup."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:544
+#: sssd-ipa.5.xml:548
msgid "Default: nisDomainName"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:550
+#: sssd-ipa.5.xml:554
msgid "ipa_host_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:553 sssd-ipa.5.xml:576
+#: sssd-ipa.5.xml:557 sssd-ipa.5.xml:580
msgid "The object class of a host entry in LDAP."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:556 sssd-ipa.5.xml:579
+#: sssd-ipa.5.xml:560 sssd-ipa.5.xml:583
msgid "Default: ipaHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:561
+#: sssd-ipa.5.xml:565
msgid "ipa_host_fqdn (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:564
+#: sssd-ipa.5.xml:568
msgid "The LDAP attribute that contains FQDN of the host."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:567
+#: sssd-ipa.5.xml:571
msgid "Default: fqdn"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:573
+#: sssd-ipa.5.xml:577
msgid "ipa_selinux_usermap_object_class (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:584
+#: sssd-ipa.5.xml:588
msgid "ipa_selinux_usermap_name (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:587
+#: sssd-ipa.5.xml:591
msgid "The LDAP attribute that contains the name of SELinux usermap."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:596
+#: sssd-ipa.5.xml:600
msgid "ipa_selinux_usermap_member_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:599
+#: sssd-ipa.5.xml:603
msgid ""
"The LDAP attribute that contains all users / groups this rule match against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:608
+#: sssd-ipa.5.xml:612
msgid "ipa_selinux_usermap_member_host (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:611
+#: sssd-ipa.5.xml:615
msgid ""
"The LDAP attribute that contains all hosts / hostgroups this rule match "
"against."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:620
+#: sssd-ipa.5.xml:624
msgid "ipa_selinux_usermap_see_also (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:623
+#: sssd-ipa.5.xml:627
msgid ""
"The LDAP attribute that contains DN of HBAC rule which can be used for "
"matching instead of memberUser and memberHost"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:628
+#: sssd-ipa.5.xml:632
msgid "Default: seeAlso"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:633
+#: sssd-ipa.5.xml:637
msgid "ipa_selinux_usermap_selinux_user (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:636
+#: sssd-ipa.5.xml:640
msgid "The LDAP attribute that contains SELinux user string itself."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:640
+#: sssd-ipa.5.xml:644
msgid "Default: ipaSELinuxUser"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:645
+#: sssd-ipa.5.xml:649
msgid "ipa_selinux_usermap_enabled (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:648
+#: sssd-ipa.5.xml:652
msgid ""
"The LDAP attribute that contains whether or not is user map enabled for "
"usage."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:652
+#: sssd-ipa.5.xml:656
msgid "Default: ipaEnabledFlag"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:657
+#: sssd-ipa.5.xml:661
msgid "ipa_selinux_usermap_user_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:660
+#: sssd-ipa.5.xml:664
msgid "The LDAP attribute that contains user category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:664
+#: sssd-ipa.5.xml:668
msgid "Default: userCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:669
+#: sssd-ipa.5.xml:673
msgid "ipa_selinux_usermap_host_category (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:672
+#: sssd-ipa.5.xml:676
msgid "The LDAP attribute that contains host category such as 'all'."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:676
+#: sssd-ipa.5.xml:680
msgid "Default: hostCategory"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:681
+#: sssd-ipa.5.xml:685
msgid "ipa_selinux_usermap_uuid (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:684
+#: sssd-ipa.5.xml:688
msgid "The LDAP attribute that contains unique ID of the user map."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:688
+#: sssd-ipa.5.xml:692
msgid "Default: ipaUniqueID"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ipa.5.xml:693
+#: sssd-ipa.5.xml:697
msgid "ipa_host_ssh_public_key (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:696
+#: sssd-ipa.5.xml:700
msgid "The LDAP attribute that contains the host's SSH public keys."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ipa.5.xml:700
+#: sssd-ipa.5.xml:704
msgid "Default: ipaSshPubKey"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><title>
-#: sssd-ipa.5.xml:709
+#: sssd-ipa.5.xml:713
msgid "SUBDOMAINS PROVIDER"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:711
+#: sssd-ipa.5.xml:715
msgid ""
"The IPA subdomains provider behaves slightly differently if it is configured "
"explicitly or implicitly."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:715
+#: sssd-ipa.5.xml:719
msgid ""
"If the option 'subdomains_provider = ipa' is found in the domain section of "
"sssd.conf, the IPA subdomains provider is configured explicitly, and all "
@@ -5842,7 +5975,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:721
+#: sssd-ipa.5.xml:725
msgid ""
"If the option 'subdomains_provider' is not set in the domain section of sssd."
"conf but there is the option 'id_provider = ipa', the IPA subdomains "
@@ -5854,7 +5987,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ipa.5.xml:738
+#: sssd-ipa.5.xml:742
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -5862,7 +5995,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ipa.5.xml:745
+#: sssd-ipa.5.xml:749
#, no-wrap
msgid ""
" [domain/example.com]\n"
@@ -5958,13 +6091,20 @@ msgid ""
"version of the long version of the Active Directory domain."
msgstr ""
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:99
+msgid ""
+"The short domain name (also known as the NetBIOS or the flat name) is "
+"autodetected by the SSSD."
+msgstr ""
+
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:102
+#: sssd-ad.5.xml:106
msgid "ad_server, ad_backup_server (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:105
+#: sssd-ad.5.xml:109
msgid ""
"The comma-separated list of IP addresses or hostnames of the AD servers to "
"which SSSD should connect in order of preference. For more information on "
@@ -5974,12 +6114,12 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:118
+#: sssd-ad.5.xml:122
msgid "ad_hostname (string)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:121
+#: sssd-ad.5.xml:125
msgid ""
"Optional. May be set on machines where the hostname(5) does not reflect the "
"fully qualified name used in the Active Directory domain to identify this "
@@ -5987,54 +6127,63 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:127
+#: sssd-ad.5.xml:131
msgid ""
"This field is used to determine the host principal in use in the keytab. It "
"must match the hostname for which the keytab was issued."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:135
+#: sssd-ad.5.xml:139
msgid "ad_enable_dns_sites (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:142
+#: sssd-ad.5.xml:146
msgid ""
"If true and service discovery (see Service Discovery paragraph at the bottom "
"of the man page) is enabled, the SSSD will first attempt to discover the "
"Active Directory server to connect to using the Active Directory Site "
-"Discovery and fall back to the DNS SRV records if no AD site is found."
+"Discovery and fall back to the DNS SRV records if no AD site is found. The "
+"DNS SRV configuration, including the discovery domain, is used during site "
+"discovery as well."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:159
+#: sssd-ad.5.xml:165
msgid ""
"Optional. This option tells SSSD to automatically update the Active "
-"Directory DNS server with the IP address of this client."
+"Directory DNS server with the IP address of this client. The update is "
+"secured using GSS-TSIG. As a consequence, the Active Directory administrator "
+"only needs to allow secure updates for the DNS zone. The IP address of the "
+"AD LDAP connection is used for the updates, if it is not otherwise specified "
+"by using the <quote>dyndns_iface</quote> option."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:183
-#, fuzzy
-#| msgid "Default: 3"
+#: sssd-ad.5.xml:195
msgid "Default: 3600 (seconds)"
-msgstr "默认: 3"
+msgstr ""
+
+#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
+#: sssd-ad.5.xml:209
+msgid "Default: Use the IP address of the AD LDAP connection"
+msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term>
-#: sssd-ad.5.xml:248 sssd-krb5.5.xml:455
+#: sssd-ad.5.xml:260 sssd-krb5.5.xml:483
msgid "krb5_use_enterprise_principal (boolean)"
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-ad.5.xml:251 sssd-krb5.5.xml:458
+#: sssd-ad.5.xml:263 sssd-krb5.5.xml:486
msgid ""
"Specifies if the user principal should be treated as enterprise principal. "
"See section 5 of RFC 6806 for more details about enterprise principals."
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:278
+#: sssd-ad.5.xml:290
msgid ""
"The following example assumes that SSSD is correctly configured and example."
"com is one of the domains in the <replaceable>[sssd]</replaceable> section. "
@@ -6042,7 +6191,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:285
+#: sssd-ad.5.xml:297
#, no-wrap
msgid ""
"[domain/EXAMPLE]\n"
@@ -6057,7 +6206,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-ad.5.xml:305
+#: sssd-ad.5.xml:317
#, no-wrap
msgid ""
"access_provider = ldap\n"
@@ -6066,7 +6215,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-ad.5.xml:301
+#: sssd-ad.5.xml:313
msgid ""
"The AD access control provider checks if the account is expired. It has the "
"same effect as the following configuration of the LDAP provider: "
@@ -7131,7 +7280,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para>
-#: sssd-krb5.5.xml:464
+#: sssd-krb5.5.xml:492
msgid "Default: false (AD provide: true)"
msgstr ""
@@ -7146,7 +7295,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para>
-#: sssd-krb5.5.xml:480
+#: sssd-krb5.5.xml:508
msgid ""
"The following example assumes that SSSD is correctly configured and FOO is "
"one of the domains in the <replaceable>[sssd]</replaceable> section. This "
@@ -7155,7 +7304,7 @@ msgid ""
msgstr ""
#. type: Content of: <reference><refentry><refsect1><para><programlisting>
-#: sssd-krb5.5.xml:488
+#: sssd-krb5.5.xml:516
#, no-wrap
msgid ""
" [domain/FOO]\n"
generated by cgit (git 2.34.1) at 2024-04-19 07:16:49 +0000